User's Manual

ZyWALL USG 20/20W User’s Guide
CHAPTER 29
ADP
29.1 Overview
This chapter introduces ADP (Anomaly Detection and Prevention), anomaly
profiles and applying an ADP profile to a traffic direction. ADP protects against
anomalies based on violations of protocol standards (RFCs – Requests for
Comments) and abnormal flows such as port scans.
29.1.1 ADP
1 ADP anomaly detection is in general effective against abnormal behavior.
2 ADP traffic and anomaly rules are updated when you upload new firmware.
29.1.2 What You Can Do in this Chapter
• Use Anti-X > ADP > General (Section 29.2 on page 469) to turn anomaly
detection on or off and apply anomaly profiles to traffic directions.
• Use Anti-X > ADP > Profile (Section 29.3 on page 470) to add a new profile,
edit an existing profile or delete an existing profile.
29.1.3 What You Need To Know
Traffic Anomalies
Traffic anomaly rules look for abnormal behavior or events such as port scanning,
sweeping or network flooding. They operate at OSI layer-2 and layer-3. Traffic
anomaly rules may be updated when you upload new firmware.
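
The three traffic anomalies named above differ in which counter grows abnormally within a time window. The following is an added illustration, not the ZyWALL's own detection logic: the thresholds, function names and sample records are assumptions constructed for this example.

```python
from collections import defaultdict

# Assumed per-window thresholds, chosen for illustration only.
SCAN_PORTS = 10      # distinct ports probed on one host by one source
SWEEP_HOSTS = 10     # distinct hosts probed on one port by one source
FLOOD_PACKETS = 100  # packets arriving at one destination host


def classify_window(events):
    """Classify one time window of (src_ip, dst_ip, dst_port) packet records.

    Returns a sorted list of (anomaly_kind, detail) tuples.
    """
    ports_per_pair = defaultdict(set)   # (src, dst)  -> ports seen
    hosts_per_port = defaultdict(set)   # (src, port) -> hosts seen
    packets_per_dst = defaultdict(int)  # dst         -> packet count
    for src, dst, port in events:
        ports_per_pair[(src, dst)].add(port)
        hosts_per_port[(src, port)].add(dst)
        packets_per_dst[dst] += 1

    findings = []
    for (src, dst), ports in ports_per_pair.items():
        if len(ports) >= SCAN_PORTS:      # one source, one host, many ports
            findings.append(("port_scan", f"{src} -> {dst}"))
    for (src, port), hosts in hosts_per_port.items():
        if len(hosts) >= SWEEP_HOSTS:     # one source, one port, many hosts
            findings.append(("sweep", f"{src} port {port}"))
    for dst, count in packets_per_dst.items():
        if count >= FLOOD_PACKETS:        # volume alone, any number of sources
            findings.append(("flood", dst))
    return sorted(findings)


def sample_events():
    """Constructed records using documentation-range addresses."""
    events = [("192.0.2.50", "192.0.2.10", 443)] * 3                         # normal
    events += [("198.51.100.7", "192.0.2.10", p) for p in range(20, 35)]     # scan
    events += [("198.51.100.8", f"192.0.2.{h}", 22) for h in range(1, 13)]   # sweep
    events += [(f"203.0.113.{s}", "192.0.2.20", 80) for s in range(1, 151)]  # flood
    return events


if __name__ == "__main__":
    for kind, detail in classify_window(sample_events()):
        print(f"{kind:10s} {detail}")
```
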
Protocol Anomalies
Protocol anomalies are packets that do not comply with the relevant RFC (Request
For Comments). Protocol anomaly detection includes HTTP Inspection, TCP
Decoder, UDP Decoder and ICMP Decoder. Protocol anomaly rules may be updated
when you upload new firmware.