Adp; Overview; What You Can Do In This Chapter; What You Need To Know - ZyXEL Communications NXC5200 User Manual
Hide thumbs
Also See for NXC5200:
- Specifications (6 pages) ,
- Specifications (4 pages) ,
- Quick start manual (136 pages)
Table of Contents
Advertisement
C
H A P T E R
22.1 Overview
This chapter introduces ADP (Anomaly Detection and Prevention), anomaly
profiles and applying an ADP profile to a traffic direction. ADP protects against
anomalies based on violations of protocol standards (RFCs – Requests for
Comments) and abnormal flows such as port scans.
ADP and IDP Comparison:
ADP anomaly detection is in general effective against abnormal behavior while IDP
1
packet inspection signatures are in general effective for known attacks (see
Chapter 21 on page 303
ADP traffic and anomaly rules are updated when you upload new firmware. This is
2
different from the IDP packet inspection signatures and the system protect
signatures you download from myZyXEL.com.
22.1.1 What You Can Do in this Chapter
• The General screen
off and applies anomaly profiles to traffic directions.
• The Profile screen
existing profile or deletes an existing profile.
22.1.2 What You Need To Know
The following terms and concepts may help as you read this chapter.
Traffic Anomalies
Traffic anomaly rules look for abnormal behavior or events such as port scanning,
sweeping or network flooding. It operates at OSI layer-2 and layer-3. Traffic
anomaly rules may be updated when you upload new firmware.
NXC5200 User's Guide
for information on packet inspection).
(Section 22.2 on page
(Section 22.3 on page
340) adds new profiles, edits an
22
339) turns anomaly detection on or
ADP
337
Advertisement
Table of Contents
Troubleshooting
