Attackers may send a large number of packets to attack network devices' CPUs. You can configure attack source tracing and set an alarm threshold for attack source tracing so that the device can analyze packets sent to the CPU. If the number of protocol packets sent from an attack source in a specified period exceeds the alarm threshold, the device sends logs or alarms to notify the administrator so that the administrator can take measures to prevent attacks.