ZyXEL Communications ZyWall 110 User Manual page 772

Table 283 Configuration > UTM Profile > SSL Inspection > Profile > Add / Edit (continued)
LABEL DESCRIPTION
Severity Level Select a severity level and these use the icons to enable/disable and configure logs and
actions for all signatures of that level.
Action for SSL Inspection supports SSLv3 and TLS1.0. Select to pass or block SSLv2 traffic that matches
connection with traffic bound to this policy here.
SSL v2
Log These are the log options for SSLv2 traffic that matches traffic bound to this policy:
• no: Select this option to have the Zyxel Device create no log for SSLv2 traffic that matches
traffic bound to this policy.
• log: Select this option to have the Zyxel Device create a log for SSLv2 traffic that matches
traffic bound to this policy.
• log alert: An alert is an e-mailed log for more serious events that may need more immediate
attention. They also appear in red in the Monitor > Log screen. Select this option to have the
Zyxel Device send an alert for SSLv2 traffic that matches traffic bound to this policy.
Action for SSL Inspection supports these cipher suites:
Connection with
• DES
unsupported suit
• 3DES
• AES
Select to pass or block unsupported traffic (such as other cipher suites, compressed traffic,
client authentication requests, and so on) that matches traffic bound to this policy here.
Log These are the log options for unsupported traffic that matches traffic bound to this policy:
• no: Select this option to have the Zyxel Device create no log for unsupported traffic that
matches traffic bound to this policy.
• log: Select this option to have the Zyxel Device create a log for unsupported traffic that
matches traffic bound to this policy
• log alert: An alert is an e-mailed log for more serious events that may need more immediate
attention. They also appear in red in the Monitor > Log screen. Select this option to have the
Zyxel Device send an alert for unsupported traffic that matches traffic bound to this policy.
Excepted Use the icons to enable/disable and configure logs and actions for individual signatures that
Signatures are different to the general settings configured for the severity level to which the signatures
belong. Signatures configured in Query View will appear in Group View.
Add Click this to configure settings to a signature that are different to the severity level to which it
belongs.
Remove Select an existing signature exception and then click this to delete the exception.
Activate To turn on an entry, select it and click Activate.
Inactivate To turn off an entry, select it and click Inactivate.
Log To edit an item's log option, select it and use the Log icon. These are the log options:
no: Select this option on an individual signature or a complete service group to have the Zyxel
Device create no log when a packet matches a signature(s).
log: Select this option on an individual signature or a complete service group to have the Zyxel
Device create a log when a packet matches a signature(s).
log alert: An alert is an e-mailed log for more serious events that may need more immediate
attention. Select this option to have the Zyxel Device send an alert when a packet matches a
signature(s).
Chapter 41 SSL Inspection
ZyWALL USG Series User's Guide
772