No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CLI-based Configuration Guide - Security

AR500, AR510, and AR530 V200R007

This document describes the configurations of Security, including AAA, DAA,NAC, BRAS Access, ACL, Firewall, Deep Security Defense, Local Attack Defense;Attack Defense, Traffic Suppression, ARP Security, Port Security, DHCP Snooping, IPSG, URPF, PKI, SSL, HTTPS, Keychain, separating the management plane from the service plane, security risks.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Enabling the Attack Defense Function

Enabling the Attack Defense Function

Context

You enable different types of attack defense as required.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Enable attack defense.

    • firewall defend all enable

      All the attack defense functions are enabled.

    • firewall defend fraggle enable

      The Fraggle attack defense is enabled.

    • firewall defend icmp-flood enable

      The ICMP Flood attack defense is enabled.

    • firewall defend icmp-redirect enable

      The ICMP Redirect attack defense is enabled.

    • firewall defend icmp-unreachable enable

      The ICMP Unreachable attack defense is enabled.

    • firewall defend ip-fragment enable

      The IP-Fragment attack defense is enabled.

    • firewall defend ip-sweep enable

      The IP address sweeping attack defense is enabled.

    • firewall defend land enable

      The Land attack defense is enabled.

    • firewall defend large-icmp enable

      The large ICMP packet attack defense is enabled.

    • firewall defend ping-of-death enable

      The Ping of Death attack defense is enabled.

    • firewall defend port-scan enable

      The port scanning attack defense is enabled.

    • firewall defend smurf enable

      The Smurf attack defense is enabled.

    • firewall defend syn-flood enable

      The SYN Flood attack defense is enabled.

    • firewall defend tcp-flag enable

      The TCP flag attack defense is enabled.

    • firewall defend teardrop enable

      The Teardrop attack defense is enabled.

    • firewall defend tracert enable

      The Tracert attack defense is enabled.

    • firewall defend udp-flood enable

      The UDP Flood attack defense is enabled.

    • firewall defend winnuke enable

      The WinNuke attack defense is enabled.

    By default, no attack defense function is enabled.

Translation
Download
Updated: 2019-05-25

Document ID: EDOC1000097287

Views: 13792

Downloads: 40

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next