H3C Technologies H3C WX3000E Series Wireless Switches User Manual

151

Table 62 Configuration items

Item Description

Source
MAC

Address

Attack
Detection

Detection Mode

Select the detection mode for source MAC address based ARP attack
detection. The detection mode can be:

•

Disable—The source MAC address attack detection is disabled.

•

Filter Mode—The device generates an alarm and filters out ARP packets

sourced from a MAC address if the number of ARP packets received from

the MAC address within five seconds exceeds the specified value.

•

The device only generates an alarm if the number of ARP packets sent

from a MAC address within five seconds exceeds the specified value.

Aging Time

Enter the aging time of the source MAC address based ARP attack detection
entries.

Threshold

Enter the threshold of source MAC address based ARP attack detection.

Protected MAC
Configuration

Add a protected MAC address in the following way:

1.

Expand Protected MAC Configuration and contents are displayed as

shown in

Figure 130

.

2.

Enter a MAC address.

3.

Click Add.

A protected MAC address is excluded from ARP attack detection even if it is

an attacker. You can specify certain MAC addresses, such as that of a
gateway or an important server, as a protected MAC address.

Enable ARP Packet Active
Acknowledgement

Enable or disable ARP packet active acknowledgement.

Enable Source MAC Address
Consistency Check

Enable or disable source MAC address consistency check.

Figure 130 Protected MAC configuration