Cisco Systems OL-6109-01 manual Defining a New Zone

Page 2

Chapter 4 Zone Configuration

Basic Zone Configuration

Removing a Zone IP Address

Removing all Zone IP Addresses

Defining a New Zone

The Detector enables the user to define a new zone based on a variety of templates.

To define a new zone perform the following:

1.From the Configuration command group level type the following:

admin@DETECTOR-conf# zone <new-zone-name> [<template>copy-from<base-zone-name>][interactive]

Where:

new-zone-name—A zone name string. An alphanumeric string should start with a letter, hold no spaces, and should be limited to a length of up to 63 characters. The string may contain underscores.

template—(Optional) A template that defines the zone configuration. Options are:

Default —The Guard default zone template

Bandwidth-limited Link Templates—Templates designed and specifically tailored for detection of large subnets segmented according to zones with known bandwidth. Detection on zones defined by these templates can be assumed without undergoing the learning process. It is recommended to define such a zone with protect-ip-state of only-dest-ip (see the “Guard-Protection Activation Forms” section for further details). The following bandwidth-limited link templates are available for 128K, 1M, 4M, and 512K links respectively: LINK_128K, LINK_1M, LINK_4M, and LINK_512K.

Note Learning Phase 1, policy construction, cannot be performed for these templates.

 

Cisco Traffic Anomaly Detector User Guide

4-2

OL-6109-01

Page 1 Page 3
Image 2
Page 1 Page 3
Contents Zone Configuration Basic Zone ConfigurationDefining a New Zone Duplicating a Zone Removing a Zone Removing All Zones Displaying Zone TemplatesEntering a Zone Command Level Describing a Zone Defining the Zone IP AddressRemoving a Zone IP Address Zone Remote Guard List Removing all Zone IP AddressesAdding a Guard to the Zone Remote Guard List Removing a Guard from the Zone Remote Guard ListInteractive Recommendations Mode Activating the Interactive Recommendation ModeDeactivating the Interactive Recommendation Mode Zone Traffic LearningLearning Phase 1 Policy Construction Terminating Learning Phase 1 -Policy Construction Accepting Learning Phase 1 Policy Construction Aborting Learning Phase 1 Policy ConstructionLearning Phase 2 Threshold Tuning Terminating Learning Phase 2 Threshold Tuning Accepting Learning Phase 2 Threshold TuningLearning Phase Verification Aborting Learning Phase 2 Tuning ThresholdZone Detection Choose ENTER. The following partial sample screen appearsGuard-Protection Activation Forms Zone Detection Verification Ending the Zone Detection
Top Page Image Contents