HP VPN Firewall Appliances Attack Protection Configuration Guide
161
Table 41 Configuration items
Item Descri
p
tion
Source Zone
Select the source zone to which to
apply the protocol audit policy.
IMPORTANT:
• You can configure only one protocol audit
policy application for a pair of source and
destination security zones.
• When the source zone and the destination
zone are different zones, specify the
internal trusted zone as the destination
zone and the external untrusted zone as the
source zone.
• Do not use the Management, Any, or Local
zone as the source or destination zone.
Destination Zone
Select the destination zone to
which to apply the protocol audit
policy.
Protocol Audit
Policy
Select the protocol audit policy to be applied.
To add a protocol audit policy to the Protocol Audit Policy list, click the following Add
button (see "Creating a protocol audit policy").
Audited Zones Select the zones to be audited.
Source IP List
Add the source IP addresses to be matched by the protocol audit policy.
You can add up to ten host addresses or network segment addresses.
Destination IP List
Add the destination IP addresses to be matched by the protocol audit policy.
You can add up to ten host addresses or network segment addresses.
Excluded IP List
Add IP addresses to be excluded from the source or destination IP list of the protocol
audit policy. The protocol audit policy does not match excluded IP addresses.
You can add up to ten host addresses or network segment addresses that are
included on the source or destination IP list.
URL filtering
Feature and hardware compatibility
Hardware URL filterin
g
com
p
atibilit
y
F1000-A-EI/F1000-E-SI/F1000-S-AI Yes
F1000-C-G/F1000-S-G/F1000-A-G Yes
F1000-E No
F1000-S-EI No
F100-C-G/F100-S-G Yes
F100-M-G/F100-A-G/F100-E-G Yes
F5000-A5 No
F5000-S/F5000-C No
Firewall modules No
U200-A/U200-M/U200-CA Yes