Chapter 4 Zone Configuration
Basic Zone Configuration
4-2
Cisco Traffic Anomaly Detector User Guide
OL-6109-01
•
Removing a Zone IP Address
•
Removing all Zone IP Addresses
Defining a New Zone
The Detector enables the user to define a new zone based on a variety of
templates.
To define a new zone perform the following:
1.
From the Configuration command group level type the following:
admin@DETECTOR-conf#
zone
<
new-zone-name
> [<
template
>|
copy-from
<
base-zone-name
>][
interactive
]
Where:
–
new-zone-name
—A zone name string. An alphanumeric string should
start with a letter, hold no spaces, and should be limited to a length of up
to 63 characters. The string may contain underscores.
–
template
—(Optional) A template that defines the zone configuration.
Options are:
Default
—The Guard default zone template
Bandwidth-limited Link Templates
—Templates designed and
specifically tailored for detection of large subnets segmented according
to zones with known bandwidth. Detection on zones defined by these
templates can be assumed without undergoing the learning process. It is
recommended to define such a zone with protect-ip-state of only-dest-ip
(see the
“Guard-Protection Activation Forms”
section for further details).
The following bandwidth-limited link templates are available for 128K,
1M, 4M, and 512K links respectively:
LINK_128K
,
LINK_1M
,
LINK_4M
, and
LINK_512K
.
Note
Learning Phase 1, policy construction, cannot be performed for
these templates.