Table of Contents
Advertisement
www.zyxel.com
Go to the ZyWALL/USG Monitor > Log, you will see [warn] log message such as
below.
Monitor > Log
What Could Go Wrong?
You may find that certain rules are triggering too many false positives or false
negatives. A false positive is when valid traffic is flagged as an attack. A false
negative is when invalid traffic is wrongly allowed to pass through the
ZyWALL/USG. As each network is different, false positives and false negatives are
common on initial ADP deployment. You could create a new 'monitor profile'
that creates logs but all actions are disabled. Observe the logs over time and try
to eliminate the causes of the false alarms. When you're satisfied that they have
been reduced to an acceptable level, you could then create an 'inline profile'
whereby you configure appropriate actions to be taken when a packet matches
a detection.
537/810
Advertisement
Table of Contents
