Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Configuring Global IAE Parameters

This section describes how to configure global IAE parameters using the CLI.

Enabling the Defense Engine

Context

After the defense engine is enabled, the system automatically loads the default signature database.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    defence engine enable

    The defense engine is enabled.

    By default, the defense engine is disabled.

Configuring the Function of Disabling Resumable File Transfer

The Central AP allows you to disable resumable file transfer to improve the detection efficiency.

Context

Currently, many servers support resumable file transfer over HTTP or FTP: after a file transfer fails, it can be resumed from the breakpoint. With the default configuration, the Central AP may permit a file transfer that resumes from a breakpoint. After you disable resumable file transfer, the Central AP can block resumable file transfer of HTTP or FTP.

Procedure

  1. Access the system view.

    system-view

  2. Disable resumable file transfer for HTTP, FTP, or both.

    file-frame breakpoint-resume-blocking protocol { all | http | ftp }

    By default, the Central AP permits resumable file transfer of HTTP or FTP.

  3. Commit the configurations for compilation.

    engine configuration commit

    After you configure the resumable file transfer function of HTTP and FTP, the configuration does not take effect until you run the engine configuration commit command to commit it. To save time, you can commit the configuration after all operations on the profile and global configurations are complete.
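The following is an added example, not Huawei code: a small Python model of how a resumed transfer appears on the wire (an HTTP Range header or an FTP REST command with a non-zero offset) and how the { all | http | ftp } setting maps to a decision. How the Central AP itself recognizes resumed transfers is not described on this page; the function names, verdict strings and sample messages are assumptions made for illustration.

```python
import re

TRANSFER_CMDS = {"RETR", "STOR"}

# Constructed sample messages (not captured traffic).
SAMPLE_HTTP = ("GET /files/image.iso HTTP/1.1\r\nHost: files.example\r\n"
               "Range: bytes=1048576-\r\n\r\n")
SAMPLE_FTP = ["USER anonymous", "TYPE I", "REST 1048576", "RETR image.iso"]

def http_is_resume(request):
    """True if an HTTP request asks for content starting past byte 0."""
    for line in request.split("\r\n")[1:]:       # skip the request line
        if line == "":
            break                                # blank line ends the headers
        name, _, value = line.partition(":")
        if name.strip().lower() != "range":
            continue
        m = re.match(r"\s*bytes\s*=\s*(\d*)-(\d*)", value)
        if m is None or (m.group(1) == "" and m.group(2) == ""):
            return False                         # not a usable byte range
        start = m.group(1)
        # "bytes=-500" (suffix range) also skips the start of the file.
        return start == "" or int(start) > 0
    return False

def ftp_is_resume(control_lines):
    """True if a REST with a non-zero offset precedes RETR/STOR."""
    offset = 0
    for line in control_lines:
        verb, _, arg = line.strip().partition(" ")
        verb = verb.upper()
        if verb == "REST" and arg.strip().isdigit():
            offset = int(arg)
        elif verb in TRANSFER_CMDS:
            return offset > 0
        else:
            offset = 0                           # REST applies only to the next command
    return False

def verdict(setting, protocol, message):
    """setting: None (default, resume permitted), "all", "http" or "ftp"."""
    if protocol == "http":
        resumed = http_is_resume(message)
    else:
        resumed = ftp_is_resume(message)
    if resumed and setting in ("all", protocol):
        return "block"
    return "permit"
```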

Configuring File Decompression

The Central AP supports filtering a decompressed file based on file content. You can set the maximum number of decompression layers and the maximum size of a decompressed file. The Central AP can process oversized decompressed files and files with multiple decompression layers.

Context

The Central AP inspects compressed files by flow, performing decompression and content security detection simultaneously. If a data flow contains threat information, the Central AP processes the flow based on the content security configuration. If the data flow is secure but the decompression depth or the size of a file exceeds the specified value, the Central AP takes the action configured for exceeding the maximum decompression depth or the maximum file size:

  • Allow: Allows the file transfer. This is the default action.

  • Alert: Allows the file transfer and generates a log.

  • Block: Blocks the file transfer and generates a log.

NOTE:
  • Because the device does not support the block action for NFS, if the application is NFS and the action is block, the device will take the alert action.

  • If the application is IMAP or POP3 and the action is block, the device will delete attachments.

Procedure

  1. Access the system view.

    system-view

  2. Set the maximum number of decompression layers for a file.

    file-frame decompress depth decompress-depth

    By default, the maximum number of decompression layers is 3.

  3. Set the action for files that exceed the specified number of decompression layers.

    file-frame decompress depth action { alert | allow | block }

    By default, the action for files that exceed the specified maximum number of decompression layers is allow.

  4. Set the maximum size of decompressed files.

    file-frame decompress size file-size

    By default, the maximum file size is 100 MB.

  5. Set the action for decompressed files larger than the maximum file size.

    file-frame decompress size action { alert | allow | block }

    The default action is allow when the maximum file size is exceeded.

  6. Commit the configurations for compilation.

    engine configuration commit

    After you configure file decompression, the configuration does not take effect until you run the engine configuration commit command to commit it. To save time, you can commit the configuration after all operations on the profile and global configurations are complete.
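The following is an added example, not Huawei code: a Python model of the limit handling described above, using nested ZIP archives constructed in memory. It shows that with the default allow action a file one layer deeper than the limit is passed without its innermost content being unpacked, and how the NFS and IMAP/POP3 exceptions change a block action. The function names, the "inspected" and "delete-attachment" labels and the rule that the stricter action wins when both limits are exceeded are assumptions.

```python
import io
import zipfile

MB = 1024 * 1024
SEVERITY = {"allow": 0, "alert": 1, "block": 2}

def build_nested_zip(layers, payload=b"constructed sample payload"):
    """Constructed sample input: payload wrapped in `layers` ZIP archives."""
    data = payload
    for i in range(layers):
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            zf.writestr(f"layer{i}.bin", data)
        data = buf.getvalue()
    return data

def exceeded_limits(data, max_depth, max_size, depth=0):
    """Return the set of limits ("depth", "size") the content exceeds."""
    hit = set()
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return hit                      # plain content: nothing to unpack
    if depth >= max_depth:
        return {"depth"}                # another layer exists beyond the limit
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            with zf.open(info) as member:
                # Bounded read: never trust the size declared in the archive.
                chunk = member.read(max_size + 1)
            if len(chunk) > max_size:
                hit.add("size")
            else:
                hit |= exceeded_limits(chunk, max_depth, max_size, depth + 1)
    return hit

def effective_action(data, app, depth_action="allow", size_action="allow",
                     max_depth=3, max_size=100 * MB):
    """Action for a flow in which no threat was found (page defaults)."""
    configured = {"depth": depth_action, "size": size_action}
    hit = exceeded_limits(data, max_depth, max_size)
    if not hit:
        return "inspected"              # every layer was unpacked
    # Assumption: if both limits are exceeded, the stricter action applies.
    action = max((configured[h] for h in hit), key=SEVERITY.get)
    if action == "block" and app == "NFS":
        return "alert"                  # block is not supported for NFS
    if action == "block" and app in ("IMAP", "POP3"):
        return "delete-attachment"      # attachments are deleted instead
    return action
```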

Updated: 2019-01-11

Document ID: EDOC1000176006
