ZyXEL Communications 1000 Manuel D’Utilisation
Chapter 35 ADP
ZyWALL USG 1000 User’s Guide
604
The following table describes the fields in this screen.
Table 164 Configuration > ADP > Profile > Traffic Anomaly
LABEL
DESCRIPTION
Name
This is the name of the ADP profile. You may use 1-31 alphanumeric
characters, underscores(
characters, underscores(
_
), or dashes (-), but the first character cannot
be a number. This value is case-sensitive. These are valid, unique profile
names:
names:
MyProfile
mYProfile
Mymy12_3-4
These are invalid profile names:
1mYProfile
My Profile
MyProfile?
Whatalongprofilename123456789012
Scan/Flood
Detection
Detection
Sensitivity
(Scan detection only.) Select a sensitivity level so as to reduce false
positives in your network. If you choose low sensitivity, then scan
thresholds and sample times are set low, so you will have fewer logs and
false positives; however some traffic anomaly attacks may not be
detected.
positives in your network. If you choose low sensitivity, then scan
thresholds and sample times are set low, so you will have fewer logs and
false positives; however some traffic anomaly attacks may not be
detected.
If you choose high sensitivity, then scan thresholds and sample times are
set high, so most traffic anomaly attacks will be detected; however you
will have more logs and false positives.
set high, so most traffic anomaly attacks will be detected; however you
will have more logs and false positives.
Block
Period
Specify for how many seconds the ZyWALL blocks all packets from being
sent to the victim (destination) of a detected anomaly attack.
sent to the victim (destination) of a detected anomaly attack.
Activate
To turn on an entry, select it and click Activate.
Inactivate
To turn off an entry, select it and click Inactivate.
Log
To edit an item’s log option, select it and use the Log icon. Select
whether to have the ZyWALL generate a log (log), log and alert (log
alert) or neither (no) when traffic matches this anomaly rule. See
whether to have the ZyWALL generate a log (log), log and alert (log
alert) or neither (no) when traffic matches this anomaly rule. See
for more on logs.
Action
To edit what action the ZyWALL takes when a packet matches a rule,
select the signature and use the Action icon.
select the signature and use the Action icon.
none: The ZyWALL takes no action when a packet matches the
signature(s).
signature(s).
block: The ZyWALL silently drops packets that matches the rule. Neither
sender nor receiver are notified.
sender nor receiver are notified.
#
This is the entry’s index number in the list.
Status
The activate (light bulb) icon is lit when the entry is active and dimmed
when the entry is inactive.
when the entry is inactive.