ZyXEL Communications unified security gateway User Manual
Chapter 2 Features and Applications
ZyWALL USG 20/20W User’s Guide
38
Firewall
The ZyWALL’s firewall is a stateful inspection firewall. The ZyWALL restricts access
by screening data packets against defined access rules. It can also inspect
sessions. For example, traffic from one zone is not allowed unless it is initiated by
a computer in another zone first.
by screening data packets against defined access rules. It can also inspect
sessions. For example, traffic from one zone is not allowed unless it is initiated by
a computer in another zone first.
Anomaly Detection and Prevention (ADP)
ADP (Anomaly Detection and Prevention) can detect malicious or suspicious
packets and respond instantaneously. It can detect:
packets and respond instantaneously. It can detect:
• Anomalies based on violations of protocol standards (RFCs – Requests for
Comments)
• Abnormal flows such as port scans.
The ZyWALL’s ADP protects against network-based intrusions. See
for more on the kinds of attacks that
the ZyWALL can protect against. You can also create your own custom ADP rules.
Bandwidth Management
Bandwidth management allows you to allocate network resources according to
defined policies. This policy-based bandwidth allocation helps your network to
better handle applications such as Internet access, e-mail, Voice-over-IP (VoIP),
video conferencing and other business-critical applications.
defined policies. This policy-based bandwidth allocation helps your network to
better handle applications such as Internet access, e-mail, Voice-over-IP (VoIP),
video conferencing and other business-critical applications.
Content Filter
Content filtering allows schools and businesses to create and enforce Internet
access policies tailored to the needs of the organization.
access policies tailored to the needs of the organization.
You can also subscribe to category-based content filtering that allows your
ZyWALL to check web sites against an external database of dynamically-updated
ratings of millions of web sites. You then simply select categories to block or
monitor, such as pornography or racial intolerance, from a pre-defined list.
ZyWALL to check web sites against an external database of dynamically-updated
ratings of millions of web sites. You then simply select categories to block or
monitor, such as pornography or racial intolerance, from a pre-defined list.
Anti-Spam
The anti-spam feature can mark or discard spam. Use the white list to identify
legitimate e-mail. Use the black list to identify spam e-mail. The ZyWALL can also
check e-mail against a DNS black list (DNSBL) of IP addresses of servers that are
suspected of being used by spammers.
legitimate e-mail. Use the black list to identify spam e-mail. The ZyWALL can also
check e-mail against a DNS black list (DNSBL) of IP addresses of servers that are
suspected of being used by spammers.