Protecting the user
Example To block the W32.Slammer worm on port 1, which does not have an SQL client or server attached to it:
create classifier=1 udpdport=1434 protocol=ip iport=1 add switch hwfilter classifier=1 action=discard
Blocking worms through QoS actions
On
Configuration 1. Find out which UDP or TCP port the worm attacks.
2.Create a classifier to match traffic using that UDP or TCP port.
3.Create a flow group with an action of discard and add the classifier to it.
4.Create the rest of the QoS
Products
Software Versions
2.7.3 or later
5.Apply the policy to the target switch ports (but not to ports that are attached to clients who legitimately need to access the UDP or TCP port).
On these switches, AlliedWare classifiers offer a large range of matchable fields, including destination port, source port, IPX, interface, TOS, DSCP value, and MAC source or destination addresses. Once the classifier has selected a matched packet, what happens to it can vary from discarding or forwarding it, to marking the DSCP value, and many other alternatives.
Example To block the W32.Slammer worm on port 1, which does not have an SQL client or server attached to it:
create class=1 udpd=1434
create qos flow=1 action=discard create qos trafficclass=1 create qos policy=1
add qos flow=1 class=1
add qos trafficclass=1 flow=1 set qos port=1 policy=1
Create A Secure Network With Allied Telesis Managed Layer 3 Switches | 26 |
