/cfg/security/defnsmsg
Defense Messaging Menu
The Alteon Defense Messaging mechanism lets you define alerts to be sent when specific anomalies occur in network traffic. Network traffic parameters are examined and compared with predefined policies to decide if an alert is generated.
The network traffic parameters examined include:
* Bandwidth
* Packets per second (PPS)
* Connections per second (CPS)
* Latency
Alerts can be generated for two conditions:
* When the measured parameter value crosses a predefined maximum threshold.
* When the measured parameter has crossed a minimum threshold and then, during a set time period, crosses a predefined percentage relative to the value measured during a previous time period.
Alerts can be issued using either a syslog server or an SNMP trap server.
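The two alert conditions above can be modeled as follows. This is an added example, not Alteon code: the `Policy` fields, the function names and the sample values are assumptions, as are the reading of "crosses" as strictly greater than, the treatment of the percentage as an increase, and the independent evaluation of the two conditions.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass
class Policy:
    """Hypothetical policy for one parameter (e.g. CPS); field names are assumptions."""
    max_threshold: float   # condition 1: absolute ceiling
    min_threshold: float   # condition 2 is evaluated only above this floor
    pct_increase: float    # condition 2: allowed growth vs. previous period, in percent


def growth_pct(prev: float, cur: float) -> float:
    """Percentage change from prev to cur; a zero baseline counts as unbounded growth."""
    if prev == 0:
        return float("inf") if cur > 0 else 0.0
    return (cur - prev) / prev * 100.0


def evaluate(samples: List[float], policy: Policy) -> List[Tuple[int, str]]:
    """Return (period_index, reason) for every period that would raise an alert.

    Assumption: "crosses" means strictly greater than the configured value.
    """
    alerts: List[Tuple[int, str]] = []
    prev: Optional[float] = None
    for i, cur in enumerate(samples):
        if cur > policy.max_threshold:
            alerts.append((i, "max-threshold"))
        # The floor keeps large relative jumps on a tiny baseline from alerting.
        if prev is not None and cur > policy.min_threshold:
            if growth_pct(prev, cur) > policy.pct_increase:
                alerts.append((i, "pct-increase"))
        prev = cur
    return alerts


# Constructed sample: connections per second, one value per measurement period.
CPS = [10, 40, 900, 1000, 1600, 1700, 5200]
POLICY = Policy(max_threshold=5000, min_threshold=500, pct_increase=50)

if __name__ == "__main__":
    for period, reason in evaluate(CPS, POLICY):
        print(f"period {period}: {reason} (value={CPS[period]})")
```

In the sample, the jump from 10 to 40 CPS is a 300% increase but stays below the minimum threshold, so only the later periods raise alerts.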
 
[Defense Messaging Menu]
      syslog   - Set security syslog host address
      trap     - Set SNMP trap host address
      signal   - Enable/disable Defense Messaging
      periodic - Set periodic security updates interval
      secp     - Security Policies Menu
      cur      - Display current Defense Messaging configuration
 
Defense Messaging Menu Options (/cfg/security/defnsmsg) 
Command Syntax and Usage
syslog <Security Syslog host IP address (v4 or v6)> <Severity[0-7]> <facility[0-7]>
 
Specifies the security syslog host address (IPv4 or IPv6), severity and syslog facility code.
Note: When upgrading to versions 30.5.7/31.0.4 or later, ensure that the default syslog port, 514, has not been changed, or, if it has, return it to port 514.
The severity level is the lowest severity of messages that Alteon sends to the syslog server.
Values: 0-7:
* 0 (Emergency) — The system is unusable.
* 1 (Alert) — Corrective action must be taken immediately.
* 2 (Critical) — The condition of the system is critical.
* 3 (Error) — The system has errors that should be corrected.
* 4 (Warning) — The system is sending a warning.
* 5 (Notice) — The condition of the system is normal, but with significant conditions that need attention.
* 6 (Informational) — The system is working, but sending information about certain unfavorable conditions.
* 7 (Debug) — The system is sending debug-level messages.
trap
 
Specifies the security SNMP trap host IP address (IPv4 or IPv6).
signal disable|enable
 
Enables/disables defense messaging.
periodic
 
Sets the time interval (in minutes) to operate the periodic security updates.
A status “info” message will be automatically sent at the defined interval listing the security status.
Additionally, using the command stats/slb/security/virt, you can see the security status of all the services in the virtual server that have a security policy attached and enabled.
This command is available only when defense messaging is enabled.
Values: 0-60 (0 specifies no periodic update)
Default: 60
secp
 
Displays the Security menu. To view this menu, see /cfg/security/defnsmsg/secp Security Policy Menu.
cur
 
Displays the current defense messaging configuration.