ZyXEL Communications ZyWall USG 2000 User Manual page 579
Unified security gateway
Hide thumbs
Also See for ZyWall USG 2000:
- User manual (1081 pages) ,
- Manual (964 pages) ,
- Support notes (227 pages)
Table of Contents
Advertisement
Table 155 Configuration > Anti-X > IDP > Profile > Group View (continued)
LABEL
Action
#
Status
Service
Message
SID
Severity
Policy Type
ZyWALL USG 2000 User's Guide
DESCRIPTION
To edit what action the ZyWALL takes when a packet matches a signature,
select the signature and use the Action icon.
none: Select this action on an individual signature or a complete service
group to have the ZyWALL take no action when a packet matches the
signature(s).
drop: Select this action on an individual signature or a complete service
group to have the ZyWALL silently drop a packet that matches the
signature(s). Neither sender nor receiver are notified.
reject-sender: Select this action on an individual signature or a com plete
service group to have the ZyWALL send a reset to the sender when a
packet matches the signature. If it is a TCP attack packet, the ZyWALL will
send a packet with a 'RST' flag. If it is an ICMP or UDP attack packet, the
ZyWALL will send an ICMP unreachable packet.
reject-receiver: Select this action on an individual signature or a
complete service group to have the ZyWALL send a reset to the receiver
when a packet matches the signature. If it is a TCP attack packet, the
ZyWALL will send a packet with an a 'RST' flag. If it is an ICMP or UDP
attack packet, the ZyWALL will do nothing.
reject-both: Select this action on an individual signature or a complete
service group to have the ZyWALL send a reset to both the sender and
receiver when a packet matches the signature. If it is a TCP attack packet,
the ZyWALL will send a packet with a 'RST' flag to the receiver and sender.
If it is an ICMP or UDP attack packet, the ZyWALL will send an ICMP
unreachable packet.
This is the entry's index number in the list.
The activate (light bulb) icon is lit when the entry is active and dimmed
when the entry is inactive.
Click the + sign next to a service group to expand it. A service group is a
group of related IDP signatures.
This is the name of the signature.
This is the signature ID (identification) number that uniquely identifies a
ZyWALL signature.
These are the severities as defined in the ZyWALL. The number in brackets
is the number you use if using commands.
Severe (5): These denote attacks that try to run arbitrary code or gain
system privileges.
High (4): These denote known serious vulnerabilities or attacks that are
probably not false alarms.
Medium (3): These denote medium threats, access control attacks or
attacks that could be false alarms.
Low (2): These denote mild threats or attacks that could be false alarms.
Very Low (1): These denote possible attacks caused by traffic such as
Ping, trace route, ICMP queries etc.
This is the attack type as defined on the ZyWALL. See
580
for a description of each type.
Chapter 34 IDP
Table 156 on page
579
Advertisement
Table of Contents
Troubleshooting
Related Manuals for ZyXEL Communications ZyWall USG 2000
Related Products for ZyXEL Communications ZyWall USG 2000
- ZyXEL Communications ZYWALL USG 20W
- ZyXEL Communications USG210
- ZyXEL Communications ZyWall USG20W-VPN
- ZyXEL Communications ZyWall USG20-VPN
- ZyXEL Communications ZYWALL USG 300
- ZyXEL Communications USG-50 - V2.21 ED 1
- ZyXEL Communications USG-100@USG-200 - V2.20 ED 2
- ZyXEL Communications USG-300 - V2.20 ED 2