v
3 Virus Throttling (Connection-Rate Filtering)
Overview of Connection-Rate Filtering
. . . . . . . . . . . . . . . . . . . . . . . . . 3-1
Sensitivity to Connection Rate Detection . . . . . . . . . . . . . . . . . . . . 3-4
Application Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
Unblocking a Currently Blocked Host . . . . . . . . . . . . . . . . . . . . . . 3-6
General Configuration Guidelines
. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-7
For a network that is relatively attack-free: . . . . . . . . . . . . . . . . . . . . . 3-7
For a network that appears to be under significant attack: . . . . . . . . . 3-8
Configuring Connection-Rate Filtering
. . . . . . . . . . . . . . . . . . . . . . . . . 3-9
Global and Per-Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-9
Configuring the Per-Port Filtering Mode . . . . . . . . . . . . . . . . . . . 3-11
Example of a Basic Connection-Rate Filtering Configuration . . 3-12
Viewing and Managing Connection-Rate Status . . . . . . . . . . . . . . . . . 3-14
Viewing Connection-Rate Configuration . . . . . . . . . . . . . . . . . . . 3-14
Listing Currently-Blocked Hosts . . . . . . . . . . . . . . . . . . . . . . . . . . 3-15
Unblocking Currently-Blocked Hosts . . . . . . . . . . . . . . . . . . . . . . 3-15
Configuring and Applying Connection-Rate ACLs
. . . . . . . . . . . . . . 3-17
Connection-Rate ACL Operation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-18
Configuring a Connection-Rate ACL Using UDP/TCP Criteria . . . . . 3-21
Applying Connection-Rate ACLs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-24
Using CIDR Notation To Enter the ACE Mask . . . . . . . . . . . . . . . . . . 3-24
Example of Using an ACL in a Connection-Rate Configuration . . . . 3-25
Connection-Rate ACL Operating Notes . . . . . . . . . . . . . . . . . . . . . . . . 3-27
Содержание E3800 Series
Страница 1: ...HP Switch Software E3800 switches Software version KA 15 03 September 2011 Access Security Guide ...
Страница 2: ......
Страница 3: ...HP Networking E3800 Switches Access Security Guide September 2011 KA 15 03 ...
Страница 30: ...xxviii ...
Страница 86: ...2 36 Configuring Username and Password Security Password Recovery ...
Страница 186: ...4 72 Web and MAC Authentication Client Status ...
Страница 290: ...6 74 RADIUS Authentication Authorization and Accounting Dynamic Removal of Authentication Limits ...
Страница 364: ...8 32 Configuring Secure Shell SSH Messages Related to SSH Operation ...
Страница 510: ...10 130 IPv4 Access Control Lists ACLs General ACL Operating Notes ...
Страница 548: ...11 38 Configuring Advanced Threat Protection Using the Instrumentation Monitor ...
Страница 572: ...12 24 Traffic Security Filters and Monitors Configuring Traffic Security Filters ...
Страница 659: ...14 11 Configuring and Monitoring Port Security Port Security Figure 14 5 Examples of Show Mac Address Outputs ...
Страница 730: ...20 Index ...
Страница 731: ......