Ruijie Community

Title: How to prevent attack on Ruijie EG? [Print this page]

Author: GTAC-Jenny Time: 2022-3-6 19:23
Title: How to prevent attack on Ruijie EG?
You can configure IPS on Ruijie EG:
Attack defense canclassify, filter, and limit the rate of data packets that need to be processed at the control layer, so as to control data packets and prevent attacks, thereby protecting key resources at the control layer.
The IPS page is shown in the figure below:

1.ARP attack defense

ARP attack is an attack technology against the Ethernet Address Resolution Protocol (ARP). With this attack, attackers can obtain encapsulated data packets on the LAN and even tamper the packets, and disconnect specific PCs or all PCs on the network.

ARP Spoofing Detection: Select

to limit the rate of ARP packets received locally. Up to 10 ARP packets are processed per second, and excessive ARP packets will be filtered out.

ARP Spoofing List: Click

to list the hosts that are suspected to initiate ARP spoofing.
2.Flow attack defense

Flow Attack Defense: Select

to enable flow attack defense. Flow attack packets that are beyond the threshold are dropped. An average of 200 packets are dropped persecond and 300 packets are allowed to be dropped upon traffic burst.
Attack Flow Logs: Click to display logs about current attacks or click to display logs about historical attacks of the system.
3.Other attack defense

Disable Ping: Select to forbid LAN users or WAN users from pinging the device.

Disable Web GUI Access: Select LAN User in

to forbid LAN users from logging in to the Web management system of the device. Select WAN User in to forbid WANusers from logging in

forbid WAN users from logging in to the Web management system of the device.

Add IP Whitelist: Please enter the IP addresses of administrators, that is, IP addresses exempt from rate limit, so asto improve the device management efficiency for administrators. Click

to display and manage IP addresses

Web Access Port: The default port ID is 80. If you change the port ID, you need to add the port ID to the URL in the address bar when managing the device, that is, you need to enter http://ip addres:access portin the address bar to access the device.

Welcome to Ruijie Community (https://community.ruijienetworks.com/)