Cisco Cisco Packet Data Interworking Function (PDIF)
ACS Ruledef Configuration Mode Commands
p2p behavioral ▀
Command Line Interface Reference, StarOS Release 17 ▄
999
p2p behavioral
This command allows you to define rule expressions to match behavioral detection type — P2P, Video, VoIP,
Behavioral Upload or Behavioral Download.
Behavioral Upload or Behavioral Download.
Product
ACS, ADC
Privilege
Security Administrator, Administrator
Mode
Exec > ACS Configuration > Ruledef Configuration
active-charging service service_name > ruledef ruledef_name
Entering the above command sequence results in the following prompt:
[local]host_name(config-acs-ruledef)#
Syntax
[ no ] p2p behavioral operator behavioral_list
no
If previously configured, deletes the specified rule expression from the current ruledef.
operator
Specifies how to match.
operator
must be one of the following:
!=: Does not equal
=: Equals
behavioral_list
Specifies the behavior to match. The behavioral list is the list of supported behavioral detection logic
populated from the currently loaded ADC plugin.
populated from the currently loaded ADC plugin.
behavioral_list
must be one of the following:
download: Detects unknown flows which are data download using behavioral analysis
p2p: Detects P2P/file sharing protocols using behavioral analysis
upload: Detects unknown flows which are data upload using behavioral analysis
video: Detects video flows using behavioral analysis
voip: Detects VoIP (voice and video) protocols using behavioral analysis
Usage
Use this command to define rule expressions to detect behavioral protocols. Behavioral P2P and behavioral
VoIP are meant for zero day detection of P2P/file sharing protocols and VoIP traffic respectively. Behavioral
upload/download is similar to client-server upload/download using HTTP, FTP, SFTP, etc. It must also detect
flows of non-standard ports which ECS cannot detect and falls under the client-server model. This feature is
VoIP are meant for zero day detection of P2P/file sharing protocols and VoIP traffic respectively. Behavioral
upload/download is similar to client-server upload/download using HTTP, FTP, SFTP, etc. It must also detect
flows of non-standard ports which ECS cannot detect and falls under the client-server model. This feature is