Protocol Anomalies - ZyXEL Communications ZyWALL 1100 User Manual
Zywall/usg series
Hide thumbs
Also See for ZyWALL 1100:
- User manual (994 pages) ,
- Handbook (749 pages) ,
- Reference manual (665 pages)
Table of Contents
Advertisement
Table 138 Configuration > Security Policy > ADP > Profile > Add-Traffic-Anomaly (continued)
LABELS
Threshold (pkt/sec)
OK
Cancel
Save
19.3.4 Protocol Anomalies
Protocol anomalies are packets that do not comply with the relevant RFC (Request For Comments).
Protocol anomaly detection includes:
• TCP Decoder
• UDP Decoder
• ICMP Decoder
Chapter 19 Security Policy
DESCRIPTION
(Flood detection only.) Select a suitable threshold level (the number of packets
per second that match the flood detection criteria) for your network. If you
choose a low threshold, most traffic anomaly attacks will be detected, but you
may have more logs and false positives.
If you choose a high threshold, some traffic anomaly attacks may not be
detected, but you will have fewer logs and false positives.
Click OK to save your settings to the ZyWALL/USG, complete the profile and
return to the profile summary page.
Click Cancel to return to the profile summary page without saving any changes.
Click Save to save the configuration to the ZyWALL/USG but remain in the same
page. You may then go to the another profile screen (tab) in order to complete
the profile. Click OK in the final profile screen to complete the profile.
ZyWALL/USG Series User's Guide
337
- Quick Links:
- Web Configurator
- Web Configurator Access
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
