No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


NE40E V800R010C10SPC500 Feature Description - Security 01

This is NE40E V800R010C10SPC500 Feature Description - Security
Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).


Each board on the NE40E has an independent Security Operating Center (SOC) that is responsible for collecting statistics and packet summaries on the board. Figure 12-1 shows the SOC deployment.

Figure 12-1 SOC deployment

The SOC runs automatically when the system starts, intelligently monitors system security in real time, and traces and locates the source of attacks. After detecting an attack, the SOC outputs an attack report.

Figure 12-2 shows the SOC architecture.

Figure 12-2 SOC architecture

As shown in Figure 12-2, the network processor (NP) implements traffic classification for packets sent to the CPU. Packets of different types enter different queues with different CAR parameters. The NP collects statistics about dropped packets and packets sent to the CPU. The PM module periodically reads all CP-CAR statistics and saves them in the buffer.

The SOC periodically reads the following information from the PM module:

  • CP-CAR statistics
  • CPU usage and statistics
  • Service statistics

After detecting an attack, the SOC initially determines the attack source and then samples suspicious packets for analysis.

Based on the analysis, the SOC locates the source of the attack and identifies its cause, and outputs attack reports.

The SOC provides interfaces for other modules to report security problems. After detecting an attack, a module proactively outputs information to the SOC.

Updated: 2019-01-03

Document ID: EDOC1100055047

Views: 12536

Downloads: 29

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next