Chapter 37 Idp; Overview; What You Can Do In This Chapter; What You Need To Know - ZyXEL Communications USG40 User Manual

Zywall/usg series

Hide thumbs Also See for USG40:

User manual (742 pages)

Handbook (810 pages)

Reference manual (665 pages)

Table of Contents

This chapter introduces packet inspection IDP (Intrusion, Detection and Prevention), IDP profiles,

binding an IDP profile to a traffic flow, custom signatures and updating signatures. An IDP system

can detect malicious or suspicious packets and respond instantaneously. IDP on the ZyWALL/USG

protects against network-based intrusions.

• Use the UTM Profile > IDP > Profile screen

and signature information. Click the Add or Edit icon in this screen to bind an IDP profile to a

traffic direction.

• Use the UTM Profile > IDP > Profile > Add screen

profile, edit an existing profile or delete an existing profile.

• Use the UTM Profile > IDP > Custom Signature screens

a new custom signature, edit an existing signature, delete existing signatures or save signatures

to your computer.

Packet Inspection Signatures

A signature identifies a malicious or suspicious packet and specifies an action to be taken. You can

change the action in the profile screens. Packet inspection signatures examine OSI (Open System

Interconnection) layer-4 to layer-7 packet contents for malicious data. Generally, packet inspection

signatures are created for known attacks while anomaly detection looks for abnormal behavior.

Applying Your IDP Configuration

Changes to the ZyWALL/USG's IDP settings affect new sessions (not the sessions that already

existed before you applied the changed settings).

• Register for a trial IDP subscription in the Registration screen. This gives you access to free

signature updates. This is important as new signatures are created as new attacks evolve. When

the trial subscription expires, purchase and enter a license key using the same screens to

continue the subscription.

(Section 37.2 on page

ZyWALL/USG Series User's Guide

644) to view registration

(Section 37.2.2 on page

646) to add a new

(Section 37.3 on page

655) to create

Show Quick Links

Table of Contents

Troubleshooting

Chapter 37 Idp; Overview; What You Can Do In This Chapter; What You Need To Know - ZyXEL Communications USG40 User Manual

37.1 Overview

37.1.1 What You Can Do in this Chapter

37.1.2 What You Need To Know

37.1.3 Before You Begin

Hide quick links:

Troubleshooting

Related Manuals for ZyXEL Communications USG40

Related Content for ZyXEL Communications USG40

This manual is also suitable for:

Table of Contents