ZyXEL Communications ZYWALL IDP 10 User Manual

IDP Support Notes

34

created to check Outgoing direction, it is applied on LAN interface. While a policy is

set Bi-directional, it is applied on both WAN and LAN interfaces.

How to decide which Interface should be applied for policy check?

Users can setup policy check from WEB GUI/SYSTEM/INTERFACE/Policy

Check. Policy check acts as a switch to enable or disable checking mechanism on

WAN or LAN port. A policy is bound to either WAN or LAN interface based on the

direction defined during setup. If you enable policy check on WAN interface, then the

policies bound to WAN interface will be checked. However, if you disable policy

check on LAN interface, then the policies bound to LAN interface won’t be checked.

If your IDP is used to protect a trusted network from being attacked by Internet

attackers, then you can disable policy check on LAN interface, and enable policy

check on WAN interface. Thus Internet access traffic from trusted domain won’t be

checked.

All contents copyright (c) 2004 ZyXEL Communications Corporation.