Use the blacklist-timer command to configure the maximum amount of time a device can be blacklisted. The blacklist-timer command is accessible from the mitigator:scprof:<named scan profile> context and the mitigator:gsprof:<named guardian scan profile> context of the CLI.
The blacklist-timer command takes effect after dosa (which removes network access from clients originating DoS attacks) is enabled.
After you run the blacklist-timer command, run the apply command to implement the change.
900-86400 | The maximum amount of time, in seconds, a device can be blacklisted. Valid values are not less than 900, or greater than 86400 seconds. |
The following example configures blacklisting of a device to a maximum of 2000 seconds:
EWC.extremenetworks.com:mitigator:scprof:scp_name# blacklist-timer 2000 EWC.extremenetworks.com:mitigator:scprof:scp_name# apply