ZyWALL User's Guide
Chapter 29 IDP
ZyWALL USG 100/200 Series User’s Guide
493
29.6.2 Policy Types
This section describes IDP policy types, also known as attack types, as categorized in the
ZyWALL. You may refer to these types when categorizing your own custom rules.
Action Select what action the ZyWALL should take when a packet matches a signature
here.
original setting: Select this action to return each signature in a service group to its
previously saved configuration.
none: Select this action on an individual signature or a complete service group to
have the ZyWALL take no action when a packet matches the signature(s).
drop: Select this action on an individual signature or a complete service group to
have the ZyWALL silently drop a packet that matches the signature(s). Neither
sender nor receiver are notified.
reject-sender: Select this action on an individual signature or a complete service
group to have the ZyWALL send a reset to the sender when a packet matches the
signature. If it is a TCP attack packet, the ZyWALL will send a packet with a ‘RST’
flag. If it is an ICMP or UDP attack packet, the ZyWALL will send an ICMP
unreachable packet.
reject-receiver: Select this action on an individual signature or a complete service
group to have the ZyWALL send a reset to the receiver when a packet matches the
signature. If it is a TCP attack packet, the ZyWALL will send a packet with an a ‘RST’
flag. If it is an ICMP or UDP attack packet, the ZyWALL will do nothing.
reject-both: Select this action on an individual signature or a complete service group
to have the ZyWALL send a reset to both the sender and receiver when a packet
matches the signature. If it is a TCP attack packet, the ZyWALL will send a packet
with a ‘RST’ flag to the receiver and sender. If it is an ICMP or UDP attack packet, the
ZyWALL will send an ICMP unreachable packet.
OK A profile consists of three separate screens. If you want to configure just one screen
for an IDP profile, click OK to save your settings to the ZyWALL, complete the profile
and return to the profile summary page.
Cancel Click Cancel to return to the profile summary page without saving any changes.
Save If you want to configure more than one screen for an IDP profile, click Save to save
the configuration to the ZyWALL, but remain in the same page. You may then go to
another profile screen (tab) in order to complete the profile. Click OK in the final
profile screen to complete the profile.
Table 156 Anti-X > IDP > Profile > Group View (continued)
LABEL DESCRIPTION
Table 157 Policy Types
POLICY TYPE DESCRIPTION
P2P Peer-to-peer (P2P) is where computing devices link directly to each other and
can directly initiate communication with each other; they do not need an
intermediary. A device can be both the client and the server. In the ZyWALL,
P2P refers to peer-to-peer applications such as e-Mule, e-Donkey, BitTorrent,
iMesh, etc.
IM IM (Instant Messaging) refers to chat applications. Chat is real-time, text-based
communication between two or more users via networks-connected computers.
After you enter a chat (or chat room), any room member can type a message
that will appear on the monitors of all the other participants.
SPAM Spam is unsolicited “junk” e-mail sent to large numbers of people to promote
products or services.