The Anomaly Detection And Prevention General Screen - ZyXEL Communications ZyWall 110 User Manual
Security firewalls
Hide thumbs
Also See for ZyWall 110:
- User manual (1090 pages) ,
- Handbook (749 pages) ,
- Handbook & instructions (255 pages)
Table of Contents
Advertisement
Traffic Anomalies
Traffic anomaly policies look for abnormal behavior or events such as port scanning, sweeping or
network flooding. They operate at OSI layer-2 and layer-3. Traffic anomaly policies may be updated
when you upload new firmware.
Protocol Anomalies
Protocol anomalies are packets that do not comply with the relevant RFC (Request For Comments).
Protocol anomaly detection includes:
• TCP Decoder
• UDP Decoder
• ICMP Decoder
Protocol anomaly policies may be updated when you upload new firmware.
Note: First, create an ADP profile in the In the Configuration > Security Policy > ADP
> Profile screen.
Then, apply the profile to traffic originating from a specific zone in the
Configuration > Security Policy > ADP > General screen.
21.3.1 The Anomaly Detection and Prevention General Screen
Click Configuration > Security Policy > ADP > General to display the next screen.
Figure 246 Configuration > Security Policy > ADP > General
The following table describes the labels in this screen.
Table 152 Configuration > Security Policy > ADP > General
LABEL
General Settings
Enable Anomaly Detection
and Prevention
Add
Chapter 21 Security Policy
DESCRIPTION
Select this to enable traffic anomaly and protocol anomaly detection and
prevention.
Select an entry and click Add to append a new row beneath the one selected.
ADP policies are applied in order (Priority) shown in this screen
ZyWALL/USG Series User's Guide
364
- Quick Links:
- Web Configurator
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
