1.5.2.2 Configuration Flow ................................................................................ 113
1.5.2.3 Configuration procedure ........................................................................ 114
1.5.2.4 Steps to configure ................................................................................... 115
2. Security Policy Enforcement .................................................................................................. 125
2.1 Managing IM/P2P Applications ................................................................................... 125
2.1.1 Why bother with managing IM/P2P applications? ............................................ 125
2.1.2 What does ZyWALL USG 2000 provide for managing IM/P2P applications? 126
2.1.3 Configuration Example ..................................................................................... 126
2.2 Zone-based Anti-Virus Protection ................................................................................ 134
2.2.1 Applying Zone-Based Anti-Virus to ZyWALL USG 2000 ............................... 134
2.2.2 Enabling Black and White List ......................................................................... 141
2.2.3 Enabling Anti-Virus Statistics Report ............................................................... 142
2.2.4 Dual AV ............................................................................................................. 143
2.3 Configuring ZyWALL USG 2000 as a Wireless Router .............................................. 143
2.3.1 Configuration procedure ................................................................................... 143
2.3.2 MAC filter in WLAN ........................................................................................ 145
2.4 Mobility Internet Access .............................................................................................. 147
2.4.1 Utilize 3G Wireless for Accessing the Internet ................................................. 148
2.4.1.1 Configuration procedure ........................................................................ 149
3. Seamless Incorporation .......................................................................................................... 156
3.1 Transparent Firewall ..................................................................................................... 156
3.1.1 Bridge mode & Router (NAT) mode co-exist ................................................... 156
3.1.2 NAT & Virtual Server........................................................................................ 159
3.2 Zone-based IDP Protection .......................................................................................... 162
3.2.1 Applying Zone-Based IDP to ZyWALL USG 2000 .......................................... 163
3.3 Anti-spam on the ZyWALL USG 2000 ........................................................................ 169
3.3.1 How Anti-Spam works on ZyWALL USG ....................................................... 170
3.3.2 Using DNSBL (DNS-based blacklist) ............................................................... 170
3.3.2.1 Application scenario to apply DNSBL ................................................... 170
3.3.2.1.1 Scenario I: Email server is located in the ISP/ Internet ...................... 170
3.3.2.1.2 Scenario II: Company's Email server located in the DMZ ................. 173
3.3.3 Using Black/White list (B/W list) ..................................................................... 176
3.3.3.1 Configuration procedure ........................................................................ 176
3.3.3.2 Scenario topology ................................................................................... 177
3.3.3.3 Steps to configure B/W list .................................................................... 177
3.4 Guaranteed Quality of Service ..................................................................................... 180
3.4.1 Priority & Bandwidth management .................................................................. 181
All contents copyright (c) 2008 ZyXEL Communications Corporation.
ZyWALL USG 2000 Support Notes
3