R3721-F3210-F3171-HP High-End Firewalls Attack Protection Configuration Guide-6PW101
40
Displaying intrusion detection statistics
NOTE:
The intrusion detection configuration is available only in the web interface.
Overview
Intrusion detection is an important network security feature. By analyzing the contents and behaviors of
packets passing by, it can determine whether the packets are attack packets and take actions
accordingly as configured. Supported actions include outputting alarm logs, discarding packets, and
adding the attacker to the blacklist.
The intrusion detection statistics reflect the counts of attacks as per attack type, and the counts of attack
packets dropped, helping you analyze the intrusion types and quantities present to generate better
network security policies.
NOTE:
For information about packet inspection, see " Configuring packet inspection." For information about
traffic abnormality detection, see " Configuring traffic abnormality detection."
Configuration procedure
To view intrusion detection statistics, select Intrusion Detection > Statistics in the navigation tree to enter
the intrusion detection statistics page, as shown in Figure 49.
Select a zone to view the counts of attacks
and the counts of dropped packets in the security zone. Table 15 de
scribes the attack types.