ZyXEL UAG715 User Guide - Page 317
CHAPTER 27
ADP

27.1 Overview

This chapter introduces ADP (Anomaly Detection and Prevention), anomaly profiles and applying an ADP profile to a traffic direction.

ADP protects against anomalies based on violations of protocol standards (RFCs - Requests for Comments) and abnormal flows such as port scans. ADP anomaly detection is in general effective against abnormal behavior. ADP traffic and anomaly rules are updated when you upload new firmware.

27.1.1 What You Can Do in this Chapter

• Use Anti-X > ADP > General (Section 27.2 on page 318) to turn anomaly detection on or off and apply anomaly profiles to traffic directions.
• Use Anti-X > ADP > Profile (Section 27.3 on page 319) to add a new profile, edit an existing profile or delete an existing profile.

27.1.2 What You Need To Know

Traffic Anomalies

Traffic anomaly rules look for abnormal behavior or events such as port scanning, sweeping or network flooding. They operate at OSI layer-2 and layer-3. Traffic anomaly rules may be updated when you upload new firmware.

Protocol Anomalies

Protocol anomalies are packets that do not comply with the relevant RFC (Request For Comments). Protocol anomaly detection includes HTTP Inspection, TCP Decoder, UDP Decoder and ICMP Decoder. Protocol anomaly rules may be updated when you upload new firmware.

ADP Profile

An ADP profile is a set of traffic anomaly rules and protocol anomaly rules that you can activate as a set and for which you can configure common log and action settings. You can apply ADP profiles to traffic flowing from one zone to another.

Base ADP Profiles

Base ADP profiles are templates that you use to create new ADP profiles. The UAG comes with several base profiles. See Table 122 on page 320 for details on ADP base profiles.

UAG715 User's Guide 317
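The traffic anomaly rules described under 27.1.2 look for port scanning and sweeping. The following is an added illustration of how such a rule can tell the two apart with a sliding time window; it is not ZyXEL's code, and the function name, thresholds, window length and sample records are all assumptions constructed for this example.

```python
from collections import defaultdict, deque

# Assumed values for illustration; the UAG's real rule thresholds are not given on this page.
WINDOW_SECONDS = 10
PORTSCAN_PORTS = 5   # distinct ports probed on one host by one source
SWEEP_HOSTS = 5      # distinct hosts probed on one port by one source


def detect_traffic_anomalies(events, window=WINDOW_SECONDS,
                             port_limit=PORTSCAN_PORTS, host_limit=SWEEP_HOSTS):
    """events: (timestamp, src_ip, dst_ip, dst_port) tuples sorted by time.
    Returns a sorted list of (kind, source, target) alerts."""
    recent = defaultdict(deque)  # src -> attempts still inside the window
    alerts = set()
    for ts, src, dst, port in events:
        attempts = recent[src]
        attempts.append((ts, dst, port))
        # Expire attempts that have fallen out of the sliding window.
        while attempts and ts - attempts[0][0] > window:
            attempts.popleft()
        ports_per_host = defaultdict(set)
        hosts_per_port = defaultdict(set)
        for _, d, p in attempts:
            ports_per_host[d].add(p)
            hosts_per_port[p].add(d)
        # Port scan: one source, one host, many ports.
        if len(ports_per_host[dst]) >= port_limit:
            alerts.add(("portscan", src, dst))
        # Sweep: one source, one port, many hosts.
        if len(hosts_per_port[port]) >= host_limit:
            alerts.add(("sweep", src, f"port {port}"))
    return sorted(alerts)


# Constructed sample connection attempts (documentation address ranges).
SAMPLE = (
    # One source probing six ports on one host within 5 seconds.
    [(t, "198.51.100.7", "192.0.2.10", 20 + t) for t in range(6)]
    # One source probing port 22 on six hosts within 5 seconds.
    + [(20 + t, "198.51.100.9", f"192.0.2.{t + 1}", 22) for t in range(6)]
    # A slow client: six ports on one host, spread over 100 seconds.
    + [(40 + 20 * t, "203.0.113.5", "192.0.2.10", 80 + t) for t in range(6)]
)

if __name__ == "__main__":
    for alert in detect_traffic_anomalies(sorted(SAMPLE)):
        print(alert)
```

The slow client stays below the threshold only because its attempts never share a window, which is the trade-off any window-and-threshold rule makes between false positives and slow scans.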