HP VPN Firewall Appliances Attack Protection Command Reference
11
[Sysname] attack-defense policy 1
[Sysname-attack-defense-policy-1] defense scan enable
# Set the connection rate threshold for triggering scanning attack protection to 2000 connections per
second.
[Sysname-attack-defense-policy-1] defense scan max-rate 2000
# Enable the blacklist function for scanning attack protection, and specify the blacklist entry aging time
as 20 minutes.
[Sysname-attack-defense-policy-1] defense scan add-to-blacklist
[Sysname-attack-defense-policy-1] defense scan blacklist-timeout 20
[Sysname-attack-defense-policy-1] quit
# Enable the blacklist function globally to make the blacklist function for scanning attack protection take
effect.
[Sysname] blacklist enable
Related commands
• blacklist enable
• defense scan blacklist-timeout
• defense scan enable
• defense scan max-rate
defense scan blacklist-timeout
Use defense scan blacklist-timeout to specify the aging time for entries blacklisted by scanning attack
protection.
Use undo defense scan blacklist-timeout to restore the default, which is 10 minutes.
Syntax
defense scan blacklist-timeout minutes
undo defense scan blacklist-timeout
Views
Attack protection policy view
Default command level
2: System level
Parameters
minutes: Specifies the aging time of blacklist entries, in the range of 1 to 1000, in minutes.
Examples
# Set the aging time for entries blacklisted by the scanning attack protection function to 20 minutes.
<Sysname> system-view
[Sysname] attack-defense policy 1
[Sysname-attack-defense-policy-1] defense scan blacklist-timeout 20
Related commands
• blacklist enable
• defense scan add-to-blacklist