ZyXEL Communications 100 Series User Manual
Chapter 29 IDP
ZyWALL USG 100/200 Series User’s Guide
489
Figure 381 Anti-X > IDP > Profile
The following table describes the fields in this screen.
29.5 Creating New Profiles
You may want to create a new profile if not all signatures in a base profile are applicable to
your network. In this case you should disable non-applicable signatures so as to improve
ZyWALL IDP processing efficiency.
your network. In this case you should disable non-applicable signatures so as to improve
ZyWALL IDP processing efficiency.
You may also find that certain signatures are triggering too many false positives or false
negatives. A false positive is when valid traffic is flagged as an attack. A false negative is
when invalid traffic is wrongly allowed to pass through the ZyWALL. As each network is
different, false positives and false negatives are common on initial IDP deployment.
negatives. A false positive is when valid traffic is flagged as an attack. A false negative is
when invalid traffic is wrongly allowed to pass through the ZyWALL. As each network is
different, false positives and false negatives are common on initial IDP deployment.
You could create a new ‘monitor profile’ that creates logs but all actions are disabled. Observe
the logs over time and try to eliminate the causes of the false alarms. When you’re satisfied
that they have been reduced to an acceptable level, you could then create an ‘inline profile’
whereby you configure appropriate actions to be taken when a packet matches a signature.
the logs over time and try to eliminate the causes of the false alarms. When you’re satisfied
that they have been reduced to an acceptable level, you could then create an ‘inline profile’
whereby you configure appropriate actions to be taken when a packet matches a signature.
29.5.1 Procedure To Create a New Profile
To create a new profile:
1 Click the Add icon in the Anti-X > IDP > Profile screen to display a pop-up screen
allowing you to choose a base profile.
2 Select a base profile (see
) and then click OK to go to the profile
details screen.
"
If Internet Explorer opens a warning screen about a script making Internet
Explorer run slowly and the computer maybe becoming unresponsive, just
click No to continue.
Explorer run slowly and the computer maybe becoming unresponsive, just
click No to continue.
Table 155 Anti-X > IDP > Profile
LABEL
DESCRIPTION
Name
This is the name of the profile you created.
Base Profile
This is the base profile from which the profile was created.
(Icons)
Click the Add icon in the column header to create a new profile. A pop-up screen
displays requiring you to choose a base profile from which to create the new profile.
Click an Edit icon to edit an existing profile.
Click a Remove icon to delete an existing profile.
displays requiring you to choose a base profile from which to create the new profile.
Click an Edit icon to edit an existing profile.
Click a Remove icon to delete an existing profile.