Search example – ZyXEL Communications ZyXEL ZyWALL IDP 10 User Manual

ZyWALL IDP 10 User’s Guide

6-16

IDP

Policies

Table 6-3 Selecting Pre-defined Policies

LABEL

DESCRIPTION

Direction

A policy rule direction refers to the intent of the policy rule.

o

Incoming means the policy applies to traffic coming from the WAN to the LAN.

o

Outgoing means the policy applies to traffic coming from the LAN to the WAN.

o

Bidirectional means the policy applies to traffic coming from and going to either
direction.

Some rules such as blocking MSN Login would only apply to outgoing traffic as the intent
is to block outgoing attempts to log into MSN Messenger. Similarly other rules would
only apply to incoming traffic where the intent is to take an action on traffic initiated from
somewhere on the WAN side. Pre-defined policies have the direction pre-determined.

Action

This field defines the action to be taken for a rule match. See Table 6-2 for details on
actions.

You can change the specified default action for pre-defined rules. After you apply these
changes, your specified actions for pre-defined rules remain in effect even after you
update new rules or change modes (Inline to Monitor and back to Inline again).

An alarm is also an action to be taken on the policy, but you must select the Alarm
checkbox to have the ZyWALL send an alarm when a traffic flow matches a rule.

Note

This field displays a policy ID number that gives details on the intrusion and the policy
fix. Log in and subscribe to the advisories at mysecurity.com for more information.

Apply

Click this button to save your changes back to the ZyWALL.

Reset

Click this button to begin configuring this screen afresh.

6.4.1 Search Example

The following screen displays when you perform a search for the “Sasser” virus. It shows that three
policies for the virus have been found. If the search finds more polices than one page can display, then
click Search again to display the next page.