Overview of SOC


To determine whether the NetEngine 8000 F is under attack, the Security Operating Center (SOC) constantly monitors statistics collected by security detection modules, service modules, and system monitoring modules.

If the system is under attack, the SOC tracks the source of the attack. To help administrators quickly rectify faults and restore services, the SOC samples attack packets to determine where the attack source is located and the cause of the attack.

A large number of protocol packets and control messages are sent to the control plane of the NetEngine 8000 F in one of the following scenarios:

  • The NetEngine 8000 F is maliciously flooded with packets.
  • A host on the network is infected with viruses.
  • A loop occurs on the network.

If the number of protocol packets and control messages sent to the NetEngine 8000 F exceeds the processing capacity of the CPU on the control plane, performance deteriorates and services on the NetEngine 8000 F are affected or even interrupted.


The SOC simplifies security maintenance. It generates concise attack reports based on intelligent checks and analysis, and allows administrators to easily locate sources of attack.


The SOC offers the following benefits to carriers:

  • Monitors system security in real time and prevents lengthy service interruptions due to attacks.
  • Generates alarms and logs and rapidly determines the source and cause of the attack, allowing maintenance personnel to easily locate and rectify faults.
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
Next topic >