< Home

ec-analytics enable

Function

The ec-analytics enable command enables the ECA function on an interface.

The undo ec-analytics enable command disables the ECA function on an interface.

By default, the ECA function is disabled.

Format

ec-analytics enable [ inbound | outbound ]

undo ec-analytics enable [ inbound | outbound ]

Parameters

Parameter Description Value

inbound

Enables ECA traffic in the inbound direction.

-

outbound

Enables ECA for traffic in the outbound direction.

-

Views

GE interface view, XGE interface view, MultiGE interface view, 25GE interface view, VLANIF interface view, port group view

Default Level

2: Configuration level

Usage Guidelines

To analyze encrypted traffic on a network and identify malicious communications in the encrypted traffic, you can run the ec-analytics enable command on an interface to enable the ECA function.

Precautions

  • If the traffic direction is not specified, ECA is performed for traffic in both direction by default.
  • If it is confirmed that firewalls have been deployed at the network egress, you are advised to enable ECA only for traffic in the inbound direction.
  • When ECA is enabled on both upstream and downstream interfaces, only upstream interfaces take effect.

Example

# Enable the ECA function for traffic in the inbound direction of GE0/0/1.

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] ec-analytics enable inbound
Parent Topic: ECA Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >