No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


NE40E V800R010C10SPC500 Feature Description - Security 01

This is NE40E V800R010C10SPC500 Feature Description - Security
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Device Security Fundamentals

Device Security Fundamentals

Device security is implemented by filtering out the spoofing and malformed packets to be sent to the CPU through URPF on an interface and TCP/IP attack defense, discarding packets with invalid TTL through GTSM detection, restricting the bandwidth, scheduling priorities, and classifying packets to be sent to the CPU according to protocol granularities (The bandwidth is 100 kbit/s by default. The function should be configured to discard packets when the service is disabled), protecting management interfaces and service interfaces through management plane protection. In this manner, the packets to be sent to the CPU conform to the configured specification and format, the CPU is free from overload, and device security is enhanced.

If packets are discarded when being sent to the CPU, attack source tracing is activated. The attack source tracing module records the packets of the same type based on the statistics and configured sampling rate. If the number of discarded packets exceeds the threshold, an alarm is activated to inform the user of the number of discarded packets and information about the modules that discard packets.

Figure 11-2 Schematic diagram of Device security

Updated: 2019-01-03

Document ID: EDOC1100055047

Views: 12720

Downloads: 31

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next