User's Manual

ManualsBrandsZyXEL ManualsNetworkingISG50

411

412

413

414

415

416

417

418

419

420

Chapter 26 ADP

ISG50 User’s Guide

420

The following table describes the fields in this screen.

Table 139 Configuration > ADP > Profile > Protocol Anomaly

LABEL DESCRIPTION

Name This is the name of the profile. You may use 1-31 alphanumeric characters,

underscores(

_), or dashes (-), but the first character cannot be a number. This

value is case-sensitive. These are valid, unique profile names:

MyProfile

mYProfile

Mymy12_3-4

These are invalid profile names:

1mYProfile

My Profile

MyProfile?

Whatalongprofilename123456789012

HTTP Inspection/TCP Decoder/UDP Decoder/ICMP Decoder

Activate To turn on an entry, select it and click Activate.

Inactivate To turn off an entry, select it and click Inactivate.

Log To edit an item’s log option, select it and use the Log icon. Select whether to have

the ISG50 generate a log (log), log and alert (log alert) or neither (no) when

traffic matches this anomaly rule. See Chapter 53 on page 705 for more on logs.

Action To edit what action the ISG50 takes when a packet matches a signature, select the

signature and use the Action icon.

none: Select this action on an individual signature or a complete service group to

have the ISG50 take no action when a packet matches a rule.

drop: Select this action on an individual signature or a complete service group to

have the ISG50 silently drop a packet that matches a rule. Neither sender nor

receiver are notified.

reject-sender: Select this action on an individual signature or a complete service

group to have the ISG50 send a reset to the sender when a packet matches the

signature. If it is a TCP attack packet, the ISG50 will send a packet with a ‘RST’

flag. If it is an ICMP or UDP attack packet, the ISG50 will send an ICMP

unreachable packet.

reject-receiver: Select this action on an individual signature or a complete

service group to have the ISG50 send a reset to the receiver when a packet

matches the rule. If it is a TCP attack packet, the ISG50 will send a packet with an

a ‘RST’ flag. If it is an ICMP or UDP attack packet, the ISG50 will do nothing.

reject-both: Select this action on an individual signature or a complete service

group to have the ISG50 send a reset to both the sender and receiver when a

packet matches the rule. If it is a TCP attack packet, the ISG50 will send a packet

with a ‘RST’ flag to the receiver and sender. If it is an ICMP or UDP attack packet,

the ISG50 will send an ICMP unreachable packet.

# This is the entry’s index number in the list.

Status The activate (light bulb) icon is lit when the entry is active and dimmed when the

entry is inactive.

Name This is the name of the protocol anomaly rule. Click the Name column heading to

sort in ascending or descending order according to the protocol anomaly rule

name.

Activation Click the icon to enable or disable a rule or group of rules.