A device with port attack defense enabled identifies attacks by analyzing sampled packets. A proper packet sampling ratio can reduce the errors in attack packet identification and packet rate calculation.
A small sampling ratio improves attack defense accuracy, but consumes more CPU resources. For example, when the sampling ratio is set to 1, the device analyzes every packet. The attack packets can be detected quickly, but CPU usage becomes high and services are affected. Therefore, balance between the attack defense precision and CPU usage when setting a sampling ratio.
The system view is displayed.
The attack defense policy view is displayed.
The protocol packet sampling ratio for port attack defense is set.
By default, the protocol packet sampling ratio for port attack defense is 5. That is, one packet is sampled when every 5 packets are received.