beautypg.com

Modify screen – ZyXEL Communications ZyXEL ZyWALL IDP 10 User Manual

Page 64

background image

ZyWALL IDP 10 User’s Guide

6-18

IDP

Policies

6.4.3 Modify Screen

Click Modify in Figure 6-13 to display a screen where you can batch enable or disable policy types
based on severity and/or target operating system. You can also batch enable or disable peer-to-peer,
instant messaging and spam signature categories (see section 6.3).

As you can enable certain “attack group” items and at the same time disable certain “application
group” items (and vice versa), in some instances, conflict may occur. If conflict should occur, then the
action determined under “application group” takes precedence.

Figure 6-16 Pre-defined Policies: Modify

Table 6-4 Pre-defined IDP Policies

LABEL

DESCRIPTION

ALL

Select this checkbox and then select Enable or Disable to automatically enable or
disable all policies. When ALL is selected, Attack Group and Application Group
choices are not available. When ALL is cleared, you can enable or disable a group of
policies by severity (see Table 6-1), operating system or signature category (P2P, IM or
SPAM – see section 6.3.)

Attack Group

Select Enable to enable all policies that meet the following criteria.

Severity If ALL is cleared (not selected), you may choose to enable or disabled policies based on

their seriousness (pre-determined by the IDP policy engineering team). See also Table
6-1.

Operation Logical AND means that all criteria must be fulfilled before a match is deemed found.

Logical OR means that at least one of the criteria must be fulfilled before a match is
deemed found. Choose from the logical AND (rules that match both severity type and
selected operating systems are displayed) or logical OR ((rules that match either severity
type or selected operating systems are displayed) operators.

Operating System If ALL is not selected you may choose to display policies based on intrusions that attack

specific operating systems as shown in the screen. SGI refers to Silicon Graphics
Incorporated, who manufactures multi-user Unix workstations that run the IRIX operating
system (SGI's version of UNIX).

See also other documents in the category ZyXEL Communications Hardware: