beautypg.com

ZyXEL Communications ZYWALL IDP 10 User Manual

Page 26

background image

IDP Support Notes


26

9600bps baud rate

N81 data format (No Parity, 8 data bits, 1 stop bit)

The baud rate of IDP10 is unchangeable.

How to trouble shoot the false positive and false negative cases?

Please capture the problematic packets through the following steps and send the

packet trace back to ZyXEL support. The capturing can be done as follows:

Prepare a PC with a packet capturing software. (Go to

http://www.ethereal.com

for

free download.)

Calibrate time on PC and IDP.

Put the PC on IDP-10's interface where the problematic packets arrive.

Observe the log on IDP where the false positive/negative logs occur and save the

packets captured by the Ethereal at that timestamp.

What's the difference between Inline, Monitor and Bypass mode?

Inline: Put ZyWALL IDP in action! It detects any suspicious or malicious packets

running through it, and depends on the action policy, it would log, drop, or blocks the

packets.

Monitor: ZyWALL IDP monitors all the traffics going through it, but does not block

any packets. Think of it as a surveillance camera. It’s recommended to have your

ZyWALL IDP in monitor mode when you fist install it to your network. You could

then identify and correct any "false positive: or "false negative" detections

Bypass: ZyWALL IDP will not detect nor block any traffic at all.

All contents copyright (c) 2004 ZyXEL Communications Corporation.