ZyXEL Communications Internet Security Appliance ZyWALL5UTM 4.0 User Manual

Page 14

ZyWALL 5/35/70 Series User’s Guide

Table of Contents

14

Chapter 11
Firewall Screens ..................................................................................................210

11.1 Access Methods .............................................................................................210
11.2 Firewall Policies Overview ..............................................................................210
11.3 Rule Logic Overview ......................................................................................212

11.3.1 Rule Checklist .......................................................................................212
11.3.2 Security Ramifications ..........................................................................212
11.3.3 Key Fields For Configuring Rules .........................................................212

11.3.3.1 Action ...........................................................................................212
11.3.3.2 Service .........................................................................................213
11.3.3.3 Source Address ...........................................................................213
11.3.3.4 Destination Address ....................................................................213

11.4 Connection Direction Examples .....................................................................213

11.4.1 LAN To WAN Rules ...............................................................................213
11.4.2 WAN To LAN Rules ...............................................................................214

11.5 Alerts ..............................................................................................................214

11.10.1 Threshold Values ................................................................................223
11.10.2 Half-Open Sessions ............................................................................223

11.10.2.1 TCP Maximum Incomplete and Blocking Time ..........................224

11.11.2 Predefined Services ............................................................................229

11.12 Example Firewall Rule ..................................................................................231

Chapter 12
Intrusion Detection and Prevention (IDP) ..........................................................236

12.1 Introduction to IDP .......................................................................................236

12.1.1 Firewalls and Intrusions ........................................................................236
12.1.2 IDS and IDP .........................................................................................237
12.1.3 Host IDP ..............................................................................................237
12.1.4 Network IDP .........................................................................................237
12.1.5 Example Intrusions ...............................................................................238

12.1.5.1 SQL Slammer Worm ...................................................................238
12.1.5.2 Blaster W32.Worm ......................................................................238
12.1.5.3 Nimda ..........................................................................................238
12.1.5.4 MyDoom ......................................................................................239

12.1.6 ZyWALL IDP .........................................................................................239

Chapter 13
Configuring IDP....................................................................................................240

13.1 Overview ........................................................................................................240

13.1.1 Interfaces ..............................................................................................240

13.2 General Setup ................................................................................................241

13.3.1 Attack Types .........................................................................................242
13.3.2 Intrusion Severity ..................................................................................244