ZyXEL Communications ZyXEL ZyWALL IDP 10 User Manual

ZyWALL IDP 10 User’s Guide

IDP Policies

Table 6-3 Selecting Pre-defined Policies

LABEL

DESCRIPTION

Pre-defined Policy Group Setting

Modify

Click this button to display a screen where you can batch enable or disable policy types
based on severity and/or target operating system. You can also batch enable or disable
peer-to-peer, instant messaging and spam signature categories.

Pre-defined Policy

Policy Search

You can search for policies based on policy name or ID number. Select By Name or By
Policy ID from the drop-down list box, enter a (partial) name or a complete, exact ID
number in the text box and then click Search. The name entered in the text box is not
case sensitive.

After a search is performed, click IDP in the navigation panel to display all policies again.

Policy Query

Alternatively, you can search for policies based on a combination of signature category
(policy type), severity and/or attack target operating system. Hold the key to
select multiple items and then click Query. After a search is performed, click IDP in the
navigation panel to display all policies again.

By Type

Select one item or hold the key to select multiple items. See section 6.3 for
more information on signature categories.

AND/OR

Logical AND means that all criteria must be fulfilled before a match is deemed found.
Logical OR means that at least one of the criteria must be fulfilled before a match is
deemed found.

By Severity

Select one item or hold the key to select multiple items. See Table 6-1 for more
information on policy severity.

By Operating System

This search category finds policies intended to defend specific operating systems,
because the intrusion targets a weakness in that operating system.
Select one item or hold the key to select multiple items.

||

Use these buttons to navigate between first, previous, next and last pages of the
pre-defined policies downloaded.

#

This is the pre-defined policy index number. Pre-defined rules have already been
ordered for you and cannot be re-ordered.

Enable

Clear this checkbox to have the ZyWALL skip this rule when detecting intrusions. You
can enable or disable individual policies here or enable/disable a batch of policies using
the screen that appears after you click Modify.

Alarm

An alarm is an action (an e-mail is sent) that is taken when a packet matches a
policy rule. Alarm e-mails are not sent instantly but at periodic intervals
(minimum five minutes).

Select this checkbox to enable the alarm action. For other actions, select from the
Action drop-down list box.

Type

This field refers to the signature category as described in section 6.3.

Name

The (read-only) policy name identifies a specific signature targeted at a specific
intrusion.