Attack detection and prevention tasks at a glance

To configure attack detection and prevention, perform the following tasks:

1. Configuring and applying an attack defense policy

   1. Creating an attack defense policy

   2. Configuring an attack defense policy

      Choose the following tasks as needed:

      • Configuring a single-packet attack defense policy

      • Configuring a scanning attack defense policy

      • Configuring a flood attack defense policy

   3. (Optional.) Configuring attack detection exemption

   4. Applying an attack defense policy to the device

2. (Optional.) Enabling log non-aggregation for single-packet attack events

3. (Optional.) Configuring TCP fragment attack prevention

   Typically, this feature is separately used.

4. (Optional.) Configuring the IP blacklist feature

   Use this feature separately or jointly with a scanning attack defense policy.

5. (Optional.) Configuring the login attack prevention feature

   Typically, this feature is separately used.

   • Configuring login attack prevention

   • Enabling the login delay