Applying an attack defense policy to an interface
An attack defense policy does not take effect unless you apply it to an interface.
If you apply an attack defense policy to a global interface, specify a service card to process traffic for the interface. If you do not specify a service card, the policy cannot correctly detect and prevent scanning and flood attacks.
To apply an attack defense policy to an interface:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Enter system view. | interface interface-type interface-number | N/A |
3. Apply an attack defense policy to the interface. | attack-defense apply policy policy-name | By default, no attack defense policy is applied to the interface. |
4. (Optional.) Specify a traffic processing slot for the interface. |
| By default, no traffic processing slot is specified for an interface. Traffic on an interface is processed on the slot at which the traffic arrives. |