Chapter 4 Zone Configuration
Basic Zone Configuration
•Removing a Zone IP Address
•Removing all Zone IP Addresses
Defining a New Zone
The Detector enables the user to define a new zone based on a variety of templates.
To define a new zone perform the following:
1.From the Configuration command group level type the following:
admin@DETECTOR-conf# zone <new-zone-name> [<template>copy-from<base-zone-name>][interactive]
Where:
–new-zone-name—A zone name string. An alphanumeric string should start with a letter, hold no spaces, and should be limited to a length of up to 63 characters. The string may contain underscores.
–template—(Optional) A template that defines the zone configuration. Options are:
Default —The Guard default zone template
Bandwidth-limited Link Templates—Templates designed and specifically tailored for detection of large subnets segmented according to zones with known bandwidth. Detection on zones defined by these templates can be assumed without undergoing the learning process. It is recommended to define such a zone with protect-ip-state of only-dest-ip (see the “Guard-Protection Activation Forms” section for further details). The following bandwidth-limited link templates are available for 128K, 1M, 4M, and 512K links respectively: LINK_128K, LINK_1M, LINK_4M, and LINK_512K.
Note Learning Phase 1, policy construction, cannot be performed for these templates.
| Cisco Traffic Anomaly Detector User Guide |
4-2 | OL-6109-01 |