Query Example - ZyXEL Communications ZyWall 110 User Manual
Security firewalls
Hide thumbs
Also See for ZyWall 110:
- User manual (1090 pages) ,
- Handbook (749 pages) ,
- Handbook & instructions (255 pages)
Table of Contents
Advertisement
Table 205 Configuration > UTM Profile > IDP > Profile: Query View (continued)
LABEL
Severity
Attack Type
Platform
Service
Action
Activation
Log
Search
Query Result
OK
Cancel
Save
30.2.5 Query Example
This example shows a search with these criteria:
• Severity: high
• Policy Type: DoS
• Platform: Windows
• Service: Any
• Actions: Any
Chapter 30 IDP
DESCRIPTION
Search for signatures by severity level(s). Hold down the [Ctrl] key if you want to make
multiple selections.
These are the severities as defined in the ZyWALL/USG. The number in brackets is the
number you use if using commands.
Severe (5): These denote attacks that try to run arbitrary code or gain system
privileges.
High (4): These denote known serious vulnerabilities or attacks that are probably not
false alarms.
Medium (3): These denote medium threats, access control attacks or attacks that could
be false alarms.
Low (2): These denote mild threats or attacks that could be false alarms.
Very-Low (1): These denote possible attacks caused by traffic such as Ping, trace
route, ICMP queries etc.
Search for signatures by attack type(s) (see
known as policy types in the group view screen. Hold down the [Ctrl] key if you want to
make multiple selections.
Search for signatures created to prevent intrusions targeting specific operating
system(s). Hold down the [Ctrl] key if you want to make multiple selections.
Search for signatures by IDP service group(s). See
details. Hold down the [Ctrl] key if you want to make multiple selections.
Search for signatures by the response the ZyWALL/USG takes when a packet matches a
signature. See
Table 202 on page 488
want to make multiple selections.
Search for activated and/or inactivated signatures here.
Search for signatures by log option here. See
Click this button to begin the search. The results display at the bottom of the screen.
Results may be spread over several pages depending on how broad the search criteria
selected were. The tighter the criteria selected, the fewer the signatures returned.
The results are displayed in a table showing the SID, Name, Severity, Attack Type,
Platform, Service, Activation, Log, and Action criteria as selected in the search.
Click the SID column header to sort search results by signature ID.
Click OK to save your settings to the ZyWALL/USG, complete the profile and return to
the profile summary page.
Click Cancel to return to the profile summary page without saving any changes.
Click Save to save the configuration to the ZyWALL/USG, but remain in the same page.
You may then go to the another profile screen (tab) in order to complete the profile.
Click OK in the final profile screen to complete the profile.
ZyWALL/USG Series User's Guide
495
Table 203 on page
492). Attack types are
Table 203 on page 492
for action details. Hold down the [Ctrl] key if you
Table 202 on page 488
for group
for option details.
- Quick Links:
- Web Configurator
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
