< Home

Configuring IP Reputation

This section describes how to configure IP reputation using the CLI.

Prerequisites

The IP reputation database file has been loaded.

Context

Alarms are generated for network traffic based on the IP address information recorded in the IP reputation database. The current IP reputation database is a set of zombie hosts' IP addresses, and the FW generates alarms for packets sent by these zombie hosts. The IP reputation database supports automatic update.

After the IP reputation function is enabled, the FW matches the source IP address of a packet against the IP reputation database. If a match is found, the FW generates alarms. In addition, exception IP addresses can be configured on the FW. If an exception IP address is configured on the FW, the FW does not generate alarms for the packets sent from the exception IP address.

Procedure

  1. In the user view, access the system view.

    system-view

  2. Enable the IP reputation function.

    anti-ddos ip-reputation enable

  3. Optional: Configure an exception IP address to bypass the IP reputation function.

    anti-ddos ip-reputation exception ip-address ip-address

    A maximum of 64 exception IP addresses can be configured on the FW.

  4. Enable top N IP reputation-caused packets rankings.

    anti-ddos topn-statistic ip-reputation enable

Parent Topic: Configuring the Defense Against Attacks Using the CLI
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >