H3C Technologies H3C WX3000E Series Wireless Switches User Manual

Page 198

Advertising
background image

177

Table 67 Configuration items

Item Description

Source
MAC

Address

Attack
Detection

Detection Mode

Select the detection mode for source MAC address based ARP attack
detection:

Disable—The source MAC address attack detection is disabled.

Filter Mode—The device generates an alarm and filters out ARP packets

sourced from a MAC address if the number of ARP packets received from

the MAC address within five seconds exceeds the specified value.

Monitor Mode—The device only generates an alarm if the number of
ARP packets sent from a MAC address within five seconds exceeds the
specified value.

Aging Time

Enter the aging time of the source MAC address based ARP attack detection
entries.

Threshold

Enter the threshold of source MAC address based ARP attack detection.

Protected MAC
Configuration

To add a protected MAC address:

1.

Expand Protected MAC Configuration to display information, as shown

in

Figure 144

.

2.

Enter a MAC address.

3.

Click Add to add a protected MAC address.

A protected MAC address is excluded from ARP attack detection even if it is
an attacker. You can specify certain MAC addresses as a protected MAC

address, for example, a gateway or a specific server.

Enable ARP Packet Active
Acknowledgement

Enable or disable ARP packet active acknowledgement.

Enable Source MAC Address
Consistency Check

Enable or disable source MAC address consistency check.

Figure 144 Protected MAC configuration

Advertising
This manual is related to the following products:

H3C WX5500E Series Access Controllers, H3C WX3500E Series Access Controllers, H3C WX2500E Series Access Controllers, H3C WX6000 Series Access Controllers, H3C WX5000 Series Access Controllers, H3C LSUM3WCMD0 Access Controller Module, H3C LSUM1WCME0 Access Controller Module, H3C LSRM1WCM2A1 Access Controller Module

Popular Brands
Popular manuals