ZyXEL Communications 1000 User Manual

 Chapter 35 ADP

ZyWALL USG 1000 User’s Guide

Protocol anomaly is the third screen in an ADP profile. Protocol anomaly (PA) rules 
check for protocol compliance against the relevant RFC (Request for Comments). 

Protocol anomaly detection includes HTTP Inspection, TCP Decoder, UDP Decoder, 
and ICMP Decoder where each category reflects the packet type inspected. 

Protocol anomaly rules may be updated when you upload new firmware.

In the Configuration > Anti-X > ADP > Profile screen, click the Edit icon or 
click the Add icon and choose a base profile, then select the Protocol Anomaly 
tab. If you made changes to other screens belonging to this profile, make sure you 
have clicked OK or Save to save the changes before selecting the Protocol 
Anomaly tab.

Name

This is the name of the traffic anomaly rule. Click the Name column 
heading to sort in ascending or descending order according to the rule 
name.

Log

These are the log options. To edit this, select an item and use the Log 
icon.

Action

This is the action the ZyWALL should take when a packet matches a rule. 
To edit this, select an item and use the Action icon. 

Threshold

For flood detection you can set the number of detected flood packets per 
second that causes the ZyWALL to take the configured action.

OK

Click OK to save your settings to the ZyWALL, complete the profile and 
return to the profile summary page. 

Cancel

Click Cancel to return to the profile summary page without saving any 
changes.

Save

Click Save to save the configuration to the ZyWALL but remain in the 
same page. You may then go to the another profile screen (tab) in order 
to complete the profile. Click OK in the final profile screen to complete 
the profile.

Table 164   Configuration > ADP > Profile > Traffic Anomaly (continued)