No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Web-based Configuration Guide

AR650, AR1600, and AR6100 V300R003

This document describes how to configure and maintain your routers using the web platform.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Basic Configuration

Basic Configuration

Context

To identify and classify application-based protocols to provide differentiated services for different applications, you can configure the network behavior management function.

Network behavior management detects and identifies packets of dynamic protocols such as Hypertext Transfer Protocol (HTTP), File Transfer Protocol (FTP), and Real-Time Transport Protocol (RTP) by checking Layer 4 to Layer 7 information in the packets. In this manner, network behavior management identifies protocols and applications on the network so that differentiated services are provided for different applications.

On the Basic Configuration tab page, you can create applications and configure network behavior management.

Prerequisite

To use the deep security function, you must enable it. By default, the deep security function is disabled.

  1. Open the Service Management page.

    Log in to the web system, choose System Management > System Configuration > Service Management to open the Service Management page, as shown in Figure 14-66.

    Figure 14-66  Service Management tab page

  2. Enable or disable deep security.
    • Enable deep security.

      In the Service Management area, click Enabled > Apply of Value-added security service to enable the deep security function.

    • Disable deep security.

      To disable deep security, click Disable and Apply, and restart the device.

      After the device restarts, the deep security configurations are deleted.

Procedure

  1. Configuring Application interface
    1. Access the Basic Configuration tab page.

      Log in to the web management system, and choose Security > Network Behavior Management > Basic Configuration, as shown in Figure 14-67.

      Figure 14-67  Basic Configuration

    2. In the Function Setting area, select interfaces to be enabled with network behavior management.

      Interfaces in the Selected Interface area have this function enabled. You can click or to move interfaces in areas Interface Selection and Selected Interface from one to another, as shown in Figure 14-68.

      NOTE:

      Online behavior management services must be applied to WAN-side interfaces.

      Figure 14-68  Select Interface

    3. Click Apply.
  2. Managing Application List

    • Creating an application

    1. Access the Basic Configuration tab page.

      Log in to the web management system, and choose Security > Network Behavior Management > Basic Configuration, as shown in Figure 14-67.

    2. In the Application List area, click Create, as shown in Figure 14-69. In the Create Application dialog box, set parameters listed in Table 14-34. Table 14-35 describes the application protocol set.

      Figure 14-69  Create Application

    3. Click OK. The new application is added.

      Table 14-34  Parameters for creating an application

      Parameter

      Description

      Monitored Subnet

      Network segment to be monitored. You can set this parameter to User-defined or All.

      Monitored subnet (IP/mask)

      Specific network segment to be monitored. The IP address and subnet mask are both in dotted decimal notation.

      This parameter is available only when Monitored Subnet is set to User-defined.

      You can delete a monitored network segment from the Added Subnet area.

      Application Protocol

      Application protocol set of the application. Select an application protocol set in the Select Application Protocol Set area.

      Control Mode

      Control mode of the application protocol set:

      • Deny: discards packets meeting the requirements.
      • Flow limiting: limits the rate of packets meeting the requirements.

      Rate

      Rate limit of packets in the application protocol set. The value is an integer that ranges from 8 to 4294967295, in kbit/s.

      This parameter is available only when Control Mode is set to Flow limiting.

      Repeat Time

      Time when the application protocol set takes effect.

      The validity period of the application protocol is set on the Advanced Configuration tab page.

      Table 14-35  Description of the application protocol set

      Item

      Description

      AppDownload

      Application downloading.

      Attack

      Network attack software.

      Auth_Service

      Identity authentication service provided on a network to ensure security.

      Browser_Plugin

      Supplements and extensions to a web browser.

      CloudService

      Cloud services.

      Data_Backup

      An important data recovery tool for enterprise users, which ensures security and integrity of enterprise data.

      Database

      A piece of data management software that provides functions such as data storage, access, protection, and backup.

      Electronic_Business

      Business activities conducted on the Internet in compliance with laws and regulations.

      Email

      An application that enables users to write, send, and receive mails over the Internet.

      Encrypted_Tunnel

      A method of using a network tunneling protocol to transfer packets of another network protocol.

      Enterprise_Application

      Enterprise application software provided to meet application requirements of enterprises.

      FileShare_P2P

      A point-to-point model that allows users to share files on a network.

      File_Access

      Access to a file.

      File_Sharing

      Sharing files with other users on a network.

      Finance

      Online banking and stock trading.

      Game

      Online gaming service provided on the Internet, which enables entertainment and communication using servers of game providers and computers of users.

      General_TCP

      General TCP application.

      General_UDP

      General UDP application.

      IM_File_Transfer

      A function of instant messaging software that enables file transfer between two or more users on a network.

      Infrastructure

      A collection of rules for communication between network devices, servers, and computers. An infrastructure protocol defines the formats of information that must be used in communication and meanings of the formats. Commonly used infrastructure protocols include HTTP and DNS.

      Instant_Messaging

      An application that allows two or more users to exchange text messages, files, voice, and video instantly on a network.

      Internet_Conferencing

      An application that allows users to share documents, make presentations, and hold meetings with others on a network.

      Ip_Protocol

      IP layer protocol.

      Media_Sharing

      Sharing audio and video with other users on a network.

      MicroBlog

      A platform where users share, propagate, and obtain information based on relationships with other users.

      Network_Admin

      Network management.

      Network_Storage

      Web disk application.

      News_Group

      News group.

      Other

      Applications other than UDP and TCP applications.

      PeerCasting

      Video transfer in point-to-point mode.

      Proxy

      Network proxy service that allows one network terminal to establish an indirect connection with another network terminal, to guarantee privacy and security and prevent network attacks.

      Remote_Access

      Any software that provides the remote access service, for example, the application software that allows one computer to access and control another computer.

      Search_Engines

      An application that automatically collects information from the Internet and provides it to users after analyzing and arranging the information.

      Social_Networking

      A platform that supports communication between users with the same interests and taking part in same activities on the Internet.

      Software_Update

      Upgrade of a software program using an upgrade patch downloaded from a network server.

      Utility

      Tools available on the Internet, such as the IP address location query tool.

      VoIP

      An application that enables users to make calls and transfer text, voice, and video at lower costs over an IP network.

      WebMail

      Web mailbox.

      Web_Browsing

      Display of text, image, video, and other information using a web browser.

      Web_Content_Aggregate

      Providing useful and specific information by manually sorting, analyzing, and classifying information and resources on the Internet.

      Web_Desktop

      A browser-based virtual operating system, on which users can perform operations on application programs using web browsers.

      Web_Posting

      Online discussion web site.

      Web_Spider

      A type of application that automatically collects specific information from the Internet.

      Web_Video

      Video portal web site.

      Wireless

      An application used on mobile phones to support wireless network access.

    • Modifying an application

    1. In the Application List area, click corresponding to the required application.
    2. In the Modify Application dialog box, modify parameters listed in Table 14-34. The parameters are the same as those in Figure 14-69.
    3. Click OK.

    • Deleting an application

      In the Application List area, select the required application, and click Delete. In the Information dialog box, click OK.

Download
Updated: 2019-04-12

Document ID: EDOC1100041803

Views: 31368

Downloads: 71

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next