This section describes the default mode of handling protocol packets when association between the application layer and lower layers is enabled whereas no upper layer protocol is enabled.
The system view is displayed.
An attack defense policy is created and the attack defense view is displayed.
The application layer association is enabled.
To disable application layer association, you need to run the application-apperceive disable command.
The default mode of processing the packets to be sent to the CPU through application layer association is set. The default mode can be drop or min-to-cp.
The advantage of the min-to-cp mode is that when a certain protocol for application layer association is disabled because of attack, you can gather information about the attack through attack source tracing. If the default mode is set to drop, the possibility of being attacked is reduced, but the attack source may be untraceable. You can select either mode as required.
The configuration is committed.