Anomaly Detection And Prevention Overview - ZyXEL Communications USG40 User Manual

ZyWALL/USG Series

Chapter 28 Security Policy

Table 197 Configuration > Security Policy > Policy Control > Add (continued)

| LABEL | DESCRIPTION |
| --- | --- |
| User | This field is not available when you are configuring a to-ZyWALL/USG policy. Select a user name or user group to which to apply the policy. The Security Policy is activated only when the specified user logs into the system and the policy will be disabled when the user logs out. Otherwise, select any and there is no need for user logging. Note: If you specified a source IP address (group) instead of any in the field below, the user's IP address should be within the IP address range. |
| Schedule | Select a schedule that defines when the policy applies. Otherwise, select none and the policy is always effective. |
| Action | Use the drop-down list box to select what the Security Policy is to do with packets that match this policy. Select deny to silently discard the packets without sending a TCP reset packet or an ICMP destination-unreachable message to the sender. Select reject to discard the packets and send a TCP reset packet or an ICMP destination-unreachable message to the sender. Select allow to permit the passage of the packets. |
| Log matched traffic | Select whether to have the ZyWALL/USG generate a log (log), log and alert (log alert) or not (no) when the policy is matched to the criteria listed above. |
| UTM Profile | Use this section to apply anti-x profiles (created in the Configuration > UTM Profile screens) to traffic that matches the criteria above. You must have created a profile first; otherwise none displays. Use Log to generate a log (log), log and alert (log alert) or not (no) for all traffic that matches criteria in the profile. |
| Application Patrol | Select an Application Patrol profile from the list box; none displays if no profiles have been created in the Configuration > UTM Profile > App Patrol screen. |
| Content Filter | Select a Content Filter profile from the list box; none displays if no profiles have been created in the Configuration > UTM Profile > Content Filter screen. |
| IDP | Select an IDP profile from the list box; none displays if no profiles have been created in the Configuration > UTM Profile > IDP screen. |
| Anti-Virus | Select an Anti-Virus profile from the list box; none displays if no profiles have been created in the Configuration > UTM Profile > Anti-Virus screen. |
| Anti-Spam | Select an Anti-Spam profile from the list box; none displays if no profiles have been created in the Configuration > UTM Profile > Anti-Spam screen. |
| SSL Inspection | Select an SSL Inspection profile from the list box; none displays if no profiles have been created in the Configuration > UTM Profile > SSL Inspection screen. |
| OK | Click OK to save your customized settings and exit this screen. |
| Cancel | Click Cancel to exit this screen without saving. |

28.5 Anomaly Detection and Prevention Overview

Anomaly Detection and Prevention (ADP) protects against anomalies based on violations of protocol standards (RFCs – Requests for Comments) and abnormal flows such as port scans. This section introduces ADP, anomaly profiles and applying an ADP profile to a traffic direction.
ZyWALL/USG Series User's Guide
520
