The attack-defend user-disable-group command configures a user-defined group for which attack defense is disabled and displays the user-defined group view.
The undo attack-defend user-disable-group command cancels the configuration.
By default, user-defined groups for which attack defense is disabled are not configured.
Usage Scenario
After attack defense is enabled on a device, the SOC automatically delivers attack defense policies if the device is being attacked. This function isolates attacks or protects the device against attacks. To prevent the SOC from delivering attack defense policies when the device receives specific protocol packets, run the
attack-defend user-disable-group command to configure a user-defined group for which attack defense is disabled and specify specific protocols for the user-defined group. You can specify the following protocols for a user-defined group: FTP server, FTP client, SSH server, SSH client, SNMP, Telnet server, Telnet client, TFTP, BGP, LDP, RSVP, OSPFv2, RIP, OSPFv3, MSDP, PIM, IGMP, IS-IS, PIMv6, RADIUS, HWTACACS, LSP ping, ICMP, VRRP, BFD, DHCP, DNS client, Telnetv6 server, Telnetv6 client, ICMPv6, DNSv6, SSHv6 server, FTPv6 server, FTPv6 client, LACP, and BGPv6. For example, you can perform the following steps to prevent the SOC from delivering attack defense policies when the device receives DHCP protocol packets:In VS mode, this command is supported only by the admin VS.