< Home

deception enable

Function

The deception enable command enables the deception function.

The undo deception enable command disables the deception function.

By default, the deception function is disabled.

Format

deception enable

undo deception enable

Parameters

None

Views

Deception view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After deception is enabled, the DecoySensor identifies IP address and TCP port scanning activities on the network and lures suspicious traffic to the Decoy. If the configuration is incorrect, normal network traffic may be affected. Before enabling deception, run the display this command in the deception view to confirm the deception configuration.

Prerequisites

  • The optimized ARP reply function has been disabled using the arp optimized-reply disable command, and the VLANIF interface has been configured to send ARP packets destined for other devices to the CPU using the undo arp optimized-passby enable command.
  • You have configured deception detect-network or deception decoy-network, or both of them. Otherwise, the deception function does not take effect.

Example

# Enable the deception function.

<HUAWEI> system-view
[HUAWEI] deception
[HUAWEI-deception] deception enable
Parent Topic: Network Deception Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >