The attack-detect cpu-usage-threshold command configures the interface board CPU usage threshold for attack detection.
The undo attack-detect cpu-usage-threshold command restores the default interface board CPU usage threshold for attack detection.
By default, the CPU usage threshold for attack detection is 50%
Usage Scenario
The security Operating Center (SOC) determines whether the system is being attacked based on the CPU usage. To correctly detect attacks on a live network, you must set proper CPU usage thresholds for security attack events. The interface board CPU usage of boards vary for different networkings in different scenarios. Therefore, in special cases, you need to change the threshold to accurately determine attack events.
Precautions
In VS mode, this command is supported only by the admin VS.
If the configured CPU usage threshold is too high, some minor security attack events may fail to be detected. If the configured CPU usage threshold is too low, some security attack events may be mistakenly reported, affecting network maintenance and management. Therefore, set the CPU usage threshold based on accumulated experience to minimize the negative impact of parameter configuration.