ZyXEL Communications ZyWALL 1100 User Manual page 331
Zywall/usg series
Hide thumbs
Also See for ZyWALL 1100:
- User manual (994 pages) ,
- Handbook (749 pages) ,
- Reference manual (665 pages)
Table of Contents
Advertisement
Table 135 Configuration > Security Policy > Policy Control > Add (continued)
LABEL
DESCRIPTION
Description
Enter a descriptive name of up to 60 printable ASCII characters for the Policy. Spaces are
allowed.
From
For through-ZyWALL/USG policies, select the direction of travel of packets to which the
policy applies.
To
any means all interfaces.
Device means packets destined for the ZyWALL/USG itself.
Source
Select an IPv4 / IPv6 address or address group object to apply the policy to traffic coming
from it. Select any to apply the policy to all traffic coming from IPv4 / IPv6 addresses.
Destination
Select an IPv4 / IPv6 address or address group to apply the policy to traffic going to it.
Select any to apply the policy to all traffic going to IPv4 / IPv6 addresses.
Service
Select a service or service group from the drop-down list box.
User
This field is not available when you are configuring a to-ZyWALL/USG policy.
Select a user name or user group to which to apply the policy. The Security Policy is
activated only when the specified user logs into the system and the policy will be disabled
when the user logs out.
Otherwise, select any and there is no need for user logging.
Note: If you specified a source IP address (group) instead of any in the field below, the user's
IP address should be within the IP address range.
Schedule
Select a schedule that defines when the policy applies. Otherwise, select none and the
policy is always effective.
Action
Use the drop-down list box to select what the Security Policy is to do with packets that
match this policy.
Select deny to silently discard the packets without sending a TCP reset packet or an ICMP
destination-unreachable message to the sender.
Select allow to permit the passage of the packets.
Log matched
Select whether to have the ZyWALL/USG generate a log (log), log and alert (log alert) or
traffic
not (no) when the policy is matched to the criteria listed above..
UTM Profile
Use this section to apply anti- x profiles (created in the Configuration > UTM Profile
screens) to traffic that matches the criteria above. You must have created a profile first;
otherwise none displays.
Use Log to generate a log (log), log and alert (log alert) or not (no) for all traffic that
matches criteria in the profile.
Application
Select an Application Patrol profile from the list box; none displays if no profiles have been
Patrol
created in the Configuration > UTM Profile > App Patrol screen.
Content
Select a Content Filter profile from the list box; none displays if no profiles have been
Filter
created in the Configuration > UTM Profile > Content Filter screen.
IDP
Select an IDP profile from the list box; none displays if no profiles have been created in the
Configuration > UTM Profile > IDP screen.
Anti-Virus
Select an Anti-Virus profile from the list box; none displays if no profiles have been created
in the Configuration > UTM Profile > Anti-Virus screen.
Anti-Spam
Select an Anti-Spam profile from the list box; none displays if no profiles have been created
in the Configuration > UTM Profile > Anti-Spam screen.
SSL
Select an SSL Inspection profile from the list box; none displays if no profiles have been
Inspection
created in the Configuration > UTM Profile > SSL Inspection screen.
OK
Click OK to save your customized settings and exit this screen.
Cancel
Click Cancel to exit this screen without saving.
Chapter 19 Security Policy
ZyWALL/USG Series User's Guide
331
- Quick Links:
- Web Configurator
- Web Configurator Access
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
