No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).


This section describes intrusion prevention and its features.


Intrusion prevention detects intrusions, such as buffer overflow attacks, Trojan horses, and worms, by analyzing network traffic and takes actions to quickly terminate the intrusions. In this way, intrusion prevention protects the information system and network architecture of enterprises.


Intrusion prevention on the Central AP detects and automatically discards the intrusion packets or blocks the attack sources. Intrusion prevention on the Central AP has the following benefits:

  • Real-time attack blocking: Deployed in in-line mode, the Central AP blocks the attack traffic in real time.
  • In-depth protection: The Central AP examines the application-layer contents of packets, reassembles packets to analyze the protocols and detect threats, and blocks the attack packets based on the attack type and policy.
  • All-round protection: Intrusion prevention defends against such attacks as worms, viruses, Trojan horses, botnets, spyware, adware, Common Gateway Interface (CGI), cross-site scripting, injection, directory traversal, information leaks, remote file inclusion, overflow, code execution, denial of service, scanning, and backdoors.
  • Internal and external prevention: Intrusion prevention on the Central AP protects the intranet against both internal and external attacks. The system detects traffic that passes through, protecting both servers and clients.
  • Constant update for up-to-date protection: The intrusion prevention signature database is constantly updated to identify the latest threats. You can periodically update the signature database from the update center.
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 117615

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next