Configuring SA
Context
SA configuration involves the following tasks:
- Setting the resource allocation mode of the switch to sac
- Enabling the Intelligent Awareness Engine (IAE)
- Enabling the SA function on an interface
Pre-configuration Tasks
SAC identifies applications through the application signature database. By default, the system software has an embedded signature database file. After the IAE is enabled, the system automatically loads the embedded application signature database file. To use a signature database file of a later version, upgrade the signature database file according to Upgrading the SA-SDB in "ECA Configuration" in the S2720, S5700, and S6700 V200R019C10 Configuration Guide - Network Management and Monitoring Configuration Guide. The remaining memory space of the device must be greater than the size of the signature database file that is used. Otherwise, the signature database file fails to be loaded.
Procedure
- Run system-view
The system view is displayed.
- Run assign resource-modesac
The resource allocation mode is set to sac for the switch.
After the resource allocation mode is set to sac, you need to save the configuration and restart the switch for the configuration to take effect.
To check the resource allocation mode on a switch, run the display resource-mode configuration command.
- Enable the IAE.
- Run interface interface-type interface-number
The interface view is displayed.
- Run service-awareness enable
The SA function is enabled.
The SA function can be enabled only on physical interfaces, VLANIF interfaces, and port groups. If the SA function is enabled on a VLANIF interface, you do not need to enable it on the physical interface of the VLAN corresponding to the VLANIF interface. If the SA function needs to be enabled on a large number of interfaces, you can add the interfaces to a port group and enable the SA function in the port group, which simplifies operations.
- Run quit
The system view is displayed.