ZyXEL Communications ZyWALL 300 User Manual
Chapter 27 Application Patrol
ZyWALL USG 300 User’s Guide
394
Schedule
Select a schedule that defines when the policy applies or select Create Object to
configure a new one (see
configure a new one (see
for details). Otherwise, select
none to make the policy always effective.
User
Select a user name or user group to which to apply the policy. Select Create
Object to configure a new user account (see
Object to configure a new user account (see
for
details). Select any to apply the policy for every user.
From
Select the source zone of the traffic to which this policy applies.
To
Select the destination zone of the traffic to which this policy applies.
Source
Select a source address or address group for whom this policy applies. Select
Create Object to configure a new one. Select any if the policy is effective for every
source.
Create Object to configure a new one. Select any if the policy is effective for every
source.
Destination
Select a destination address or address group for whom this policy applies. Select
Create Object to configure a new one. Select any if the policy is effective for every
destination.
Create Object to configure a new one. Select any if the policy is effective for every
destination.
Access
This field controls what the ZyWALL does with packets for this application that
match this policy. Choices are:
forward - the ZyWALL routes the packets for this application.
Drop - the ZyWALL does not route the packets for this application and does not
notify the client of its decision.
Reject - the ZyWALL does not route the packets for this application and notifies the
client of its decision.
match this policy. Choices are:
forward - the ZyWALL routes the packets for this application.
Drop - the ZyWALL does not route the packets for this application and does not
notify the client of its decision.
Reject - the ZyWALL does not route the packets for this application and notifies the
client of its decision.
Action Block
For some applications, you can select individual uses of the application that the
policy will have the ZyWALL block. These fields only apply when Access is set to
forward.
Login - Select this option to block users from logging in to a server for this
application.
Message - Select this option to block users from sending or receiving instant
messages.
Audio - Select this option to block users from sending or receiving audio traffic.
Video - Select this option to block users from sending or receiving video traffic.
File Transfer - Select this option to block users from sending or receiving files.
policy will have the ZyWALL block. These fields only apply when Access is set to
forward.
Login - Select this option to block users from logging in to a server for this
application.
Message - Select this option to block users from sending or receiving instant
messages.
Audio - Select this option to block users from sending or receiving audio traffic.
Video - Select this option to block users from sending or receiving video traffic.
File Transfer - Select this option to block users from sending or receiving files.
Bandwidth
Management
Management
Configure these fields to set the amount of bandwidth the application can use.
These fields only apply when Access is set to forward.
You must also enable bandwidth management in the main application patrol screen
(AppPatrol > General) in order to apply bandwidth shaping.
These fields only apply when Access is set to forward.
You must also enable bandwidth management in the main application patrol screen
(AppPatrol > General) in order to apply bandwidth shaping.
Inbound kbps
Type how much inbound bandwidth, in kilobits per second, this policy allows the
application to use. Inbound refers to the traffic the ZyWALL sends to a
connection’s initiator.
If you enter 0 here, this policy does not apply bandwidth management for the
application’s traffic that the ZyWALL sends to the initiator. Traffic with bandwidth
management disabled (inbound and outbound are both set to 0) is automatically
treated as the lowest priority (7).
If the sum of the bandwidths for routes using the same next hop is higher than the
actual transmission speed, lower priority traffic may not be sent if higher priority
traffic uses all of the actual bandwidth.
application to use. Inbound refers to the traffic the ZyWALL sends to a
connection’s initiator.
If you enter 0 here, this policy does not apply bandwidth management for the
application’s traffic that the ZyWALL sends to the initiator. Traffic with bandwidth
management disabled (inbound and outbound are both set to 0) is automatically
treated as the lowest priority (7).
If the sum of the bandwidths for routes using the same next hop is higher than the
actual transmission speed, lower priority traffic may not be sent if higher priority
traffic uses all of the actual bandwidth.
Table 115 Application Policy Edit (continued)
LABEL
DESCRIPTION