< Home

sa cache enable

Function

The sa cache enable command enables application identification acceleration.

The undo sa cache enable command disables application identification acceleration.

By default, application identification acceleration is disabled.

Format

sa cache [ risk-level { low | high } ] enable

undo sa cache enable

Parameters

Parameter Description Value
risk-level Indicates the risk level of the SA cache. -
low Indicates that the risk level is low. -
high Indicates that the risk level is high. -

Views

SA view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After application identification acceleration is enabled, the system generates an association entry for an identified application. The follow-up traffic matching the entry is identified as the application without additional application identification, which accelerates application identification.

You can set parameter risk-level to control the risk level of the SA module acceleration identification. If risk-level is set to low, high-risk acceleration cache entries are not generated. If risk-level is set to high or no risk level is specified, low-risk and high-risk acceleration cache entries are generated.

Application identification acceleration applies only to predefined applications of non-multi-channel protocols.

Enabling application identification acceleration increases the efficiency but also the false positive rate. If the acceleration cache risk is set to high, the false positive rate is also high.

Prerequisites

Before running this command, you must run the defence engine enable command to enable the IAE.

Example

# Enable application identification acceleration.

<HUAWEI> system-view
[HUAWEI] defence engine enable
[HUAWEI] sa
[HUAWEI-sa] sa cache enable
Parent Topic: ECA Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >