Maintaining a ddos policy application, Maintaining a ddos policy application -10 – H3C Technologies H3C SecBlade IPS Cards User Manual
Page 167
17-10
Item
Description
Detection&Protectio
n Startup Mode
Set the detection startup mode:
z
Auto: Detection&protection is started at the Detection Auto-Startup
Time.
z
Manual: In this mode, the Detection Auto-Startup Time option is not
configurable and you need to manually start detection&protection.
Detectio
n Rules
Control
Paramet
ers
Detection&Protectio
n Auto-Startup Time
Set the detection&protection auto-startup time:
z
After the rule is added: Detection&protection will be started after a rule is
added.
z
After the threshold is adjusted: Detection&protection will be started after
the threshold is adjusted.
Traffic Learning
Duration
Set the traffic learning duration. A traffic learning process lasts for the set
duration unless the user stops the process within the duration.
Attack Detection
Interval
Set the attack detection interval. If no attacks are detected within this
interval, the system considers attacks end.
Detectio
n Rules
Data
Paramet
ers
Attack Logs Output
Direction
Set the destination of attack logs, that is, select a notify action. Notify actions
are configured in the page you enter by selecting System Management >
Action Management > Notify Actions.
Threshol
d Control
Paramet
ers
Threshold
Adjustment Startup
Mode
Set the threshold adjustment startup mode:
z
Auto: Threshold adjustment is started after traffic learning.
z
Manual: In this mode, you need to manually start threshold adjustment in
the DDoS application list page after traffic learning.
Threshold Getting
Mode
Set the threshold getting mode:
z
Get the New: The system uses the latest threshold collected after the
previous threshold was generated and the weights set for the previous
and new thresholds to calculate the new threshold.
z
Get the Max: The system uses the maximum threshold among history
thresholds and the newly calculated one as the new threshold.
Threshold
Adjustment Time
Set the threshold adjustment duration:
z
No limit: A threshold adjustment process never ends unless you
manually stop it on the DDoS application list page.
z
up to: A threshold adjustment process lasts for the set duration if you do
not stop it on the DDoS application list page within the duration.
Threshold
Generating Interval
Set the threshold generation interval.
Threshol
d Data
Paramet
ers
New Threshold
Weight
Set a weight for the new threshold.
DDoS Protection Configuration Task List
.
Maintaining a DDoS Policy Application
After you apply a DDoS policy on a segment and click Apply, you can maintain the DDoS policy
application on the page you enter by selecting DDoS > Segment Policies, as shown in
.
Traffic Learning, Threshold Adjustment, and Detection&Protection on the page each provide a
Start/End button for you to select regardless of whether they are in auto or manual mode.
describes them in detail.