beautypg.com

Table 23-2 – H3C Technologies H3C WX6000 Series Access Controllers User Manual

Page 172

background image

23-6

Table 23-2 Other ARP attack defense configuration items

Item

Description

Detection Mode

Select the detection mode for source MAC address based ARP attack
detection. The detection mode can be:

Disable: The source MAC address attack detection is disabled.

Filter Mode: The device generates an alarm and filters out ARP packets
sourced from a MAC address if the number of ARP packets received
from the MAC address within five seconds exceeds the specified value.

The device only generates an alarm if the number of ARP packets sent
from a MAC address within five seconds exceeds the specified value.

Aging Time

Type the aging time of the source MAC address based ARP attack detection
entries.

Threshold

Type the threshold of source MAC address based ARP attack detection.

Source
MAC
Address
Attack
Detection

Protected MAC
Configuration

Type a protected MAC address.

A protected MAC address is excluded from ARP attack detection even if it is
an attacker. You can specify certain MAC addresses, such as that of a
gateway or an important server, as a protected MAC address.

Expand Protected MAC Configuration and contents are displayed as
shown in

Figure 23-4

. To add a protected MAC address, type a MAC

address and click Add.

Enable ARP Packet Active
Acknowledgement

Enable or disable ARP packet active acknowledgement.

Enable Source MAC Address
Consistency Check

Enable or disable source MAC address consistency check.

Figure 23-4 Protected MAC configuration