ZyXEL Communications ZYWALL USG 2000 Support Notes page 216

ZyWALL USG 2000 Support Notes
The signature is designed for IDP in the purpose of detecting pattern-based attacks.
If a packet matches a signature, the action specified by the signature is taken. You can change
the default signature actions in the profile screens.
You can create custom signatures for new attacks or attacks peculiar to your network. Custom
signatures can also be saved to/from your computer so as to share with others.
ADP-Anomaly
An ADP (Anomaly, Detection and Prevention) system can detect malicious or suspicious
packets and respond instantaneously. It can detect:
‧ Anomalies based on violations of protocol standards.
‧ Abnormal flows such as port scans.
ADP on the ZyWALL protects against network-based intrusions. You can also create your own
custom ADP rules.
System Protection
System Protection System offers the ZyWALL ability to protect itself against host-based
intrusions. ZyXEL can prevent not only network intrusions but also host-based instructions.
Zone to Zone Protection
A zone is a combination of ZyWALL interfaces for security. Traffic direction is defined by the
zone the traffic is coming from and the zone the traffic is going to.
The ZyWALL can inspect the traffic from different sources. Therefore, the
malicious/suspicious packets from WAN to LAN and the traffic coming from DMZ to LAN
will be treated differently.
J07. Does IDP subscription have anything to do with AppPatrol?
AppPatrol can be free for usage if the user registers the IDP trial license firstly. Due to
AppPatrol requires the IDP signatures to identify the application type, by registration to the
trial program, the user can use AppPatrol as well to update signatures during the trial period.
Once the trial license expires the user can still use the AppPatrol feature but is no longer able
to update signatures. AppPatrol is independent from IDP, both features can be turned on or off
independently.
216
All contents copyright (c) 2008 ZyXEL Communications Corporation.