Policy actions, Configuring pre-defined policies, 4 configuring pre-defined policies – ZyXEL Communications ZyXEL ZyWALL IDP 10 User Manual

ZyWALL IDP 10 User’s Guide

IDP Policies

6-13

6.3.14 Policy Actions

Table 6-2 Policy Actions

ACTION DESCRIPTION

No Action

The intrusion is detected and an alarm may be sent (if the Alarm check box is
selected) but no other action is taken. If the Alarm check box is also cleared, it is
recommended you simply disable the rule.

Log

The packet is marked as an intrusion and a log is recorded (an alarm may also
be sent if the Alarm check box is selected) but the packet is allowed to pass
through the ZyWALL.

Log + Drop Packet

The packet is marked as an intrusion, a log is recorded and the packet is silently
discarded. (An alarm may also be sent if the Alarm check box is selected).

Log + Block Connection

The packet is marked as an intrusion, a log is recorded and the whole TCP
connection session is blocked (including subsequent TCP packets belonging to
the same connection) with both sender and receiver being sent TCP RST
packets. (An alarm may also be sent if the Alarm check box is selected).

Log + Drop Packet + Block
Connection

The packet is marked as an intrusion, a log is recorded, the triggering packet is
silently discarded, and the whole TCP connection session is blocked (including
subsequent TCP packets belonging to the same connection) with both sender
and receiver being notified. (An alarm may also be sent if the Alarm check box is
selected).

6.4 Configuring Pre-defined Policies

Click IDP from the navigation panel. Pre-defined is the first screen as shown in the following figure.