attack-defense local apply policy

Use attack-defense local apply policy to apply an attack defense policy to the device.

Use undo attack-defense local apply policy to restore the default.


attack-defense local apply policy policy-name

undo attack-defense local apply policy


No attack defense policy is applied to the device.


System view

Predefined user roles




policy-name: Specifies an attack defense policy by its name. The policy name is a case-insensitive string of 1 to 31 characters. Valid characters include uppercase and lowercase letters, digits, underscores (_), and hyphens (-).

Usage guidelines

An attack defense policy applied to the device itself detects packets destined for the device and prevents attacks targeted at the device.

A switch uses hardware to implement packet forwarding and uses software to process packets if the packets are destined for the switch. The software does not provide any attack defense features, so you must apply an attack defense policy to the switch to prevent attacks aimed at the switch.

Each device can have only one attack defense policy applied. If you execute this command multiple times, the most recent configuration takes effect.


# Apply attack defense policy atk-policy-1 to the device.

<Sysname> system-view
[Sysname] attack-defense local apply policy atk-policy-1

Related commands

attack-defense policy

display attack-defense policy