Configuring the acsei protocol, Acsei timers – H3C Technologies H3C SecPath F1000-E User Manual

51

The firewall module has an independent CPU; therefore, the network device can still recognize and

control the firewall module when you reset the system of firewall module.
To reset the system of the firewall module:

Task Command

Remarks

Reset the system of the firewall
module

oap reboot slot slot-number

Available in user view

CAUTION:

The reset operation may cause data loss and service interruption. Therefore, before performing this
operation, save the configurations of the firewall module operating system and shut down the firewall
module operating system to avoid service interruption and data loss.

Configuring the ACSEI protocol

ACSEI is an H3C-proprietary protocol. It provides a method for exchanging information between ACFP

clients and ACFP server so that the ACFP server and clients can cooperate to run a service.
As a supporting protocol of ACFP, ACSEI also has two entities: server and client.

•

The ACSEI server is integrated into the software system (Comware) of the network device.

•

The ACSEI client is integrated into the software system (Comware) of the firewall module.

NOTE:

The collaborating IDS (Intrusion Detection System) cards or IDS devices serve as the ACFP clients which
run applications of other vendors and support the IPS (Intrusion Prevention System)/IDS services.

ACSEI mainly provides the following functions:

•

Registration and deregistration of an ACSEI client to the ACSEI server.

•

ID assignment. The ACSEI server assigns IDs to ACSEI clients to distinguish between them.

•

Mutual monitoring and awareness between an ACSEI client and the ACSEI server.

•

Information interaction between the ACSEI server and ACSEI clients, including clock

synchronization.

•

Control of the ACSEI clients on the ACSEI server. For example, you can close or restart an ACSEI
client on the ACSEI server.

An ACSEI server can register multiple ACSEI clients.

ACSEI timers

An ACSEI server uses two timers, the clock synchronization timer and the monitoring timer:

•

The clock synchronization timer is used to periodically trigger the ACSEI server to send clock
synchronization advertisements to ACSEI clients. You can set this timer through command lines.

•

The monitoring timer is used to periodically trigger the ACSEI server to send monitoring requests to

ACSEI clients. You can set this timer through command lines.

An ACSEI client starts two timers, the registration timer and the monitoring timer:

•

The registration timer is used to periodically trigger the ACSEI client to multicast registration requests
(with the multicast MAC address being 010F-E200-0021). You cannot set this timer.