ZyXEL Communications 91-009-073003B ユーザーズマニュアル
ZyWALL USG 50 User’s Guide
513
C
H A P T E R
3 1
ADP
31.1 Overview
This chapter introduces ADP (Anomaly Detection and Prevention), anomaly
profiles and applying an ADP profile to a traffic direction. ADP protects against
anomalies based on violations of protocol standards (RFCs – Requests for
Comments) and abnormal flows such as port scans.
profiles and applying an ADP profile to a traffic direction. ADP protects against
anomalies based on violations of protocol standards (RFCs – Requests for
Comments) and abnormal flows such as port scans.
31.1.1 ADP and IDP Comparison
1
ADP anomaly detection is in general effective against abnormal behavior while IDP
packet inspection signatures are in general effective for known attacks (see
packet inspection signatures are in general effective for known attacks (see
for information on packet inspection).
2
ADP traffic and anomaly rules are updated when you upload new firmware. This is
different from the IDP packet inspection signatures and the system protect
signatures you download from myZyXEL.com.
different from the IDP packet inspection signatures and the system protect
signatures you download from myZyXEL.com.
31.1.2 What You Can Do in this Chapter
• Use Anti-X > ADP > General (
) to turn anomaly
detection on or off and apply anomaly profiles to traffic directions.
• Use Anti-X > ADP > Profile (
) to add a new profile,
edit an existing profile or delete an existing profile.
31.1.3 What You Need To Know
Traffic Anomalies
Traffic anomaly rules look for abnormal behavior or events such as port scanning,
sweeping or network flooding. It operates at OSI layer-2 and layer-3. Traffic
anomaly rules may be updated when you upload new firmware.
sweeping or network flooding. It operates at OSI layer-2 and layer-3. Traffic
anomaly rules may be updated when you upload new firmware.