Idp; Overview; What You Can Do Using The Idp Screens; What You Need To Know About Idp - ZyXEL Communications ZyWALL USG 100 Series User Manual
Unified security gateway
Hide thumbs
Also See for ZyWALL USG 100 Series:
- Quick start manual (128 pages) ,
- Release note (19 pages) ,
- Specifications (4 pages)
Table of Contents
Advertisement
C
H A P T E R
30.1 Overview
This chapter introduces packet inspection IDP (Intrusion, Detection and Prevention), IDP
profiles, binding an IDP profile to a traffic flow, custom signatures and updating signatures.
An IDP system can detect malicious or suspicious packets and respond instantaneously. IDP
on the ZyWALL protects against network-based intrusions.
30.1.1 What You Can Do Using the IDP Screens
• Use the Anti-X > IDP > General screen
bind IDP profiles to traffic directions, and view registration and signature information.
Click the Add or Edit icon in this screen to bind an IDP profile to a traffic direction.
• Use the Anti-X > IDP > Profile screen
edit an existing profile or delete an existing profile.
• Use the Anti-X > IDP > Custom Signature screens to create a new signature, edit an
existing signature, delete existing signatures or save signatures to your computer.
30.1.2 What You Need To Know About IDP
Packet Inspection Signatures
A signature identifies a malicious or suspicious packet and specifies an action to be taken. You
can change the action in the profile screens. Packet inspection signatures examine OSI (Open
System Interconnection) layer-4 to layer-7 packet contents for malicious data. Generally,
packet inspection signatures are created for known attacks while anomaly detection looks for
abnormal behavior (see
Zone
A zone is a combination of ZyWALL interfaces and VPN connections used for configuring
security. See the zone chapter for details on zones and the interfaces chapter for details on
interfaces.
IDP Profiles
An IDP profile is a set of related IDP signatures that you can activate as a set and configure
common log and action settings. You can apply IDP profiles to traffic flowing from one zone
to another. For example, apply the default LAN_IDP profile to any traffic going to the LAN
zone in order to protect your LAN computers.
ZyWALL USG 100/200 Series User's Guide
(Section 30.2 on page
(Section 30.3 on page
Chapter 31 on page
521).
30
IDP
494) to turn IDP on or off,
497) to add a new profile,
493
- Quick Links:
- Getting Started
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
