Security Policy Example Applications - ZyXEL Communications ZyWall 110 User Manual
Hide thumbs
Also See for ZyWall 110:
- User manual (829 pages) ,
- Handbook (749 pages) ,
- Handbook & instructions (255 pages)
Table of Contents
Advertisement
Figure 414 Configuration > Security Policy > Session Control > Edit
The following table describes the labels in this screen.
Table 213 Configuration > Security Policy > Session Control > Add / Edit
LABEL
Create new
Object
Enable Rule
Description
User
Address
IPv6 Address
Session Limit per
Host
OK
Cancel
27.7 Security Policy Example Applications
Suppose you decide to block LAN users from using IRC (Internet Relay Chat) through the Internet. To do
this, you would configure a LAN to WAN Security Policy that blocks IRC traffic from any source IP address
from going to any destination address. You do not need to specify a schedule since you need the
Security Policy to always be in effect. The following figure shows the results of this policy.
Chapter 27 Security Policy
DESCRIPTION
Use to configure new settings for User or Address objects that you need to use in this
screen.Click on the down arrow to see the menu.
Select this check box to turn on this session limit rule.
Enter information to help you identify this rule. Use up to 60 printable ASCII characters. Spaces
are allowed.
Select a user name or user group to which to apply the rule. The rule is activated only when the
specified user logs into the system and the rule will be disabled when the user logs out.
Otherwise, select any and there is no need for user logging.
Note: If you specified an IP address (or address group) instead of any in the field
below, the user's IP address should be within the IP address range.
Select the IPv4 source address or address group, including geographic address (group)
object, to which this rule applies. Select any to apply the rule to all IPv4 source addresses.
Select the IPv6 source address or address group, including geographic address (group)
object, to which this rule applies. Select any to apply the rule to all IPv6 source addresses.
Use this field to set a limit to the number of concurrent NAT/Security Policy sessions this rule's
users or addresses can have.
For this rule's users and addresses, this setting overrides the Default Session per Host setting in
the general Security Policy Session Control screen.
Click OK to save your customized settings and exit this screen.
Click Cancel to exit this screen without saving.
ZyWALL USG Series User's Guide
592
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
