Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Attack Source Tracing
After attack source tracing is configured on a device, the device analyzes packets sent to the CPU and sends logs or alarms to notify the administrator of the potential attack packets so that the administrator can take protective measures.
Pre-configuration Tasks
Before configuring attack source tracing, connect interfaces and set physical parameters for the interfaces to ensure that the physical status of the interfaces is Up.
Configuration Procedure
To configure attack source tracing, you must create an attack defense policy. All other configuration tasks are optional and are not listed in sequence. An attack defense policy takes effect only after it is applied to an object. There is no limitation on when the attack defense policy is applied.
- Creating an Attack Defense Policy
- Configuring the Threshold for Attack Source Tracing
- Setting the Packet Sampling Ratio for Attack Source Tracing
- Configuring an Attack Source Tracing Mode
- Configuring the Types of Traced Packets
- Configuring a Whitelist for Attack Source Tracing
- Configuring Event Reporting Function
- Configuring Attack Source Punish Actions
- Applying an Attack Defense Policy
- Verifying the Attack Source Tracing Configuration