Adding a detection service – H3C Technologies H3C SecBlade IPS Cards User Manual

Table 17-8 describes configuration items for adding a detection rule.

Table 17-8 Configuration items for adding a detection rule

| Item | Description |
|---|---|
| Type | Add detection rule; Add detection service |
| Policy Application | Select the DDoS policy application to which the detection rule is to be added. |
| | Attack to be detected by the detection rule |
| Action Set | Set the action set for the detection rule. |
| Protected IP | Set the IP addresses to be protected by the detection rule. |
| Rule Status | Set the status of the detection rule, enabled or disabled. |
| Threshold Status | Set the threshold status of the detection rule. Locked: The threshold cannot be adjusted during threshold adjustment. Adjustable: The threshold can be adjusted during threshold adjustment. By Source IP: Threshold for traffic from a client. By destination IP: Threshold for traffic to a server. |
| Threshold | Set the threshold of the detection rule. |
| Aging Time | Set the aging time of the detection rule. |
| Flow Direction | Set the flow direction for the detection rule: Inbound; Outbound |
| Excluded IP | Configure the excluded IP addresses for the detection rule. Each excluded IP address is identified by an IP address and a threshold. A detection rule can have up to 10 excluded IP addresses configured. |

A detection rule cannot be added for a DDoS policy application that is in Initial state.

Adding a Detection Service

This task allows you to create multiple detection rules for a DDoS policy application at a time by using a template.

Select DDoS > Detection Rules from the navigation tree, click Add, and select the Add detection service radio button to enter the page shown in Figure 17-11.