ZyXEL Communications ZyWALL 1000 User Manual
Chapter 29 IDP
ZyWALL USG 1000 User’s Guide
427
29.8.2 Policy Types
This section describes IDP policy types, also known as attack types, as categorized in the
ZyWALL. You may refer to these types when categorizing your own custom rules.
ZyWALL. You may refer to these types when categorizing your own custom rules.
Action
Select what action the ZyWALL should take when a packet matches a signature
here.
original setting: Select this action to return each signature in a service group to its
original setting: Select this action to return each signature in a service group to its
previously saved configuration.
none: Select this action on an individual signature or a complete service group to
none: Select this action on an individual signature or a complete service group to
have the ZyWALL take no action when a packet matches the signature(s).
drop: Select this action on an individual signature or a complete service group to
drop: Select this action on an individual signature or a complete service group to
have the ZyWALL silently drop a packet that matches the signature(s). Neither
sender nor receiver are notified.
reject-sender: Select this action on an individual signature or a complete service
reject-sender: Select this action on an individual signature or a complete service
group to have the ZyWALL send a reset to the sender when a packet matches the
signature. If it is a TCP attack packet, the ZyWALL will send a packet with a ‘RST’
flag. If it is an ICMP or UDP attack packet, the ZyWALL will send an ICMP
unreachable packet.
reject-receiver: Select this action on an individual signature or a complete service
reject-receiver: Select this action on an individual signature or a complete service
group to have the ZyWALL send a reset to the receiver when a packet matches the
signature. If it is a TCP attack packet, the ZyWALL will send a packet with an a ‘RST’
flag. If it is an ICMP or UDP attack packet, the ZyWALL will do nothing.
reject-both: Select this action on an individual signature or a complete service group
reject-both: Select this action on an individual signature or a complete service group
to have the ZyWALL send a reset to both the sender and receiver when a packet
matches the signature. If it is a TCP attack packet, the ZyWALL will send a packet
with a ‘RST’ flag to the receiver and sender. If it is an ICMP or UDP attack packet, the
ZyWALL will send an ICMP unreachable packet.
OK
A profile consists of three separate screens. If you want to configure just one screen
for an IDP profile, click OK to save your settings to the ZyWALL, complete the profile
and return to the profile summary page.
Cancel
Click Cancel to return to the profile summary page without saving any changes.
Save
If you want to configure more than one screen for an IDP profile, click Save to save
the configuration to the ZyWALL, but remain in the same page. You may then go to
another profile screen (tab) in order to complete the profile. Click OK in the final
profile screen to complete the profile.
Table 131 Anti-X > IDP > Profile > Group View (continued)
LABEL
DESCRIPTION
Table 132 Policy Types
POLICY TYPE
DESCRIPTION
P2P
Peer-to-peer (P2P) is where computing devices link directly to each other and
can directly initiate communication with each other; they do not need an
intermediary. A device can be both the client and the server. In the ZyWALL,
P2P refers to peer-to-peer applications such as e-Mule, e-Donkey, BitTorrent,
iMesh, etc.
IM
IM (Instant Messaging) refers to chat applications. Chat is real-time, text-based
communication between two or more users via networks-connected computers.
After you enter a chat (or chat room), any room member can type a message
that will appear on the monitors of all the other participants.
SPAM
Spam is unsolicited “junk” e-mail sent to large numbers of people to promote
products or services.