Home » ZyXEL Manuals » Network Security & Firewall Devices » ZyXEL ZyWALL ATP700 » Manual Viewer

ZyXEL ZyWALL ATP700 User Guide - Page 185

Monitor > Security Statistics > IDP > Summary

View all ZyXEL ZyWALL ATP700 manuals

Add to My Manuals
Save this manual to your list of manuals

Page 185 highlights

Chapter 6 Monitor The following table describes the labels in this screen. Table 68 Monitor > Security Statistics > IDP > Summary LABEL DESCRIPTION Collect Statistics Select this check box to have the Zyxel Device collect IDP statistics. Apply Reset Refresh Flush Data Total Session Scanned Total Packet Dropped Total Packet Reset Top Entries By The collection starting time displays after you click Apply. All of the statistics in this screen are for the time period starting at the time displayed here. The format is year, month, day and hour, minute, second. All of the statistics are erased if you restart the Zyxel Device or click Flush Data. Collecting starts over and a new collection start time displays. Click Apply to save your changes back to the Zyxel Device. Click Reset to return the screen to its last-saved settings. Click this button to update the report display. Click this button to discard all of the screen's statistics and update the report display. This field displays the number of sessions that the Zyxel Device has checked for intrusion characteristics. The Zyxel Device can detect and drop malicious packets from network traffic. This field displays the number of packets that the Zyxel Device has dropped. The Zyxel Device can detect and drop malicious packets from network traffic. This field displays the number of packets that the Zyxel Device has reset. Use this field to have the following (read-only) table display the top IDP log entries by Signature Name, Source IP or Destination IP. This table displays the most common, recent IDP logs. See the log screen for less common IDP logs or use a syslog server to record all IDP logs. Select Signature Name to list the most common signatures that the Zyxel Device has detected. Select Source IP to list the source IP addresses from which the Zyxel Device has detected the most intrusion attempts. Add to white list Remove from white list # Signature Name Signature ID Type Severity Source IP Destination IP Occurrences White List Select Destination IP to list the most common destination IP addresses for intrusion attempts that the Zyxel Device has detected. Select a signature and click this to add the selected signature to the IDP white list. Select a signature and click this to remove the selected signature from the IDP white list. This field displays the entry's rank in the list of the top entries. This column displays when you display the entries by Signature Name. The signature name identifies the type of intrusion pattern. Click the hyperlink for more detailed information on the intrusion. This column displays when you display the entries by Signature Name. The signature ID is a unique value given to each intrusion detected. This column displays when you display the entries by Signature Name. It shows the categories of intrusions. This column displays when you display the entries by Signature Name. It shows the level of threat that the intrusions may pose. This column displays when you display the entries by Source. It shows the source IP address of the intrusion attempts. This column displays when you display the entries by Destination. It shows the destination IP address at which intrusion attempts were targeted. This field displays how many times the Zyxel Device has detected the event described in the entry. Click this to add this signature to the IDP white list. Click this to remove this signature from the IDP white list. ZyWALL ATP Series User's Guide 185

Section	Page
ZyWALL ATP Series	1
Document Conventions	3
Contents Overview	4
Table of Contents	6
User’s Guide	24
Introduction	25
1.1 Overview	25
1.1.1 Model Feature Differences	25
1.2 Registration at myZyxel	26
1.2.1 Grace Period	27
1.2.2 Applications	27
1.3 Management Overview	30
1.4 Web Configurator	31
1.4.1 Web Configurator Access	31
1.4.2 Web Configurator Screens Overview	34
1.4.3 Navigation Panel	38
1.4.4 Tables and Lists	46
Initial Setup Wizard	50
2.1 Initial Setup Wizard Screens	50
2.1.1 Internet Access Setup - WAN Interface	50
2.1.2 Internet Access: Ethernet	51
2.1.3 Internet Access: PPPoE	52
2.1.4 Internet Access: PPTP	54
2.1.5 Internet Access: L2TP	56
2.1.6 Internet Access Setup - Second WAN Interface	58
2.1.7 Internet Access: Congratulations	59
2.1.8 Date and Time Settings	60
2.1.9 Register Device	60
2.1.10 Activate Service	62
2.1.11 Service Settings	63
2.1.12 Service Settings: SecuReporter	64
2.1.13 Wireless Settings: Management Mode	65
2.1.14 Wireless Settings: AP Controller	66
2.1.15 Wireless Settings: SSID & Security	66
2.1.16 Remote Management	67
Hardware, Interfaces and Zones	69
3.1 Hardware Overview	69
3.1.1 Front Panels	69
3.1.2 Rear Panels	71
3.2 Installation Scenarios	72
3.2.1 Desktop Installation Procedure	73
3.2.2 Rack-mounting	74
3.2.3 Wall-mounting	75
3.3 Default Zones, Interfaces, and Ports	77
3.4 Stopping the Zyxel Device	78
Quick Setup Wizards	79
4.1 Quick Setup Overview	79
4.2 WAN Interface Quick Setup	80
4.2.1 Choose an Ethernet Interface	80
4.2.2 Select WAN Type	81
4.2.3 Configure WAN IP Settings	81
4.2.4 ISP and WAN and ISP Connection Settings	82
4.2.5 Quick Setup Interface Wizard: Summary	85
4.3 VPN Setup Wizard	86
4.3.1 Welcome	86
4.3.2 VPN Setup Wizard: Wizard Type	87
4.3.3 VPN Express Wizard - Scenario	88
4.3.4 VPN Express Wizard - Configuration	89
4.3.5 VPN Express Wizard - Summary	89
4.3.6 VPN Express Wizard - Finish	90
4.3.7 VPN Advanced Wizard - Scenario	91
4.3.8 VPN Advanced Wizard - Phase 1 Settings	92
4.3.9 VPN Advanced Wizard - Phase 2	94
4.3.10 VPN Advanced Wizard - Summary	95
4.3.11 VPN Advanced Wizard - Finish	97
4.4 VPN Settings for Configuration Provisioning Wizard: Wizard Type	98
4.4.1 Configuration Provisioning Express Wizard - VPN Settings	98
4.4.2 Configuration Provisioning VPN Express Wizard - Configuration	99
4.4.3 VPN Settings for Configuration Provisioning Express Wizard - Summary	100
4.4.4 VPN Settings for Configuration Provisioning Express Wizard - Finish	101
4.4.5 VPN Settings for Configuration Provisioning Advanced Wizard - Scenario	102
4.4.6 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 1 Settings	103
4.4.7 VPN Settings for Configuration Provisioning Advanced Wizard - Phase 2	104
4.4.8 VPN Settings for Configuration Provisioning Advanced Wizard - Summary	105
4.4.9 VPN Settings for Configuration Provisioning Advanced Wizard - Finish	108
4.5 VPN Settings for L2TP VPN Settings Wizard	108
4.5.1 L2TP VPN Settings	109
4.5.2 L2TP VPN Settings	110
4.5.3 VPN Settings for L2TP VPN Setting Wizard - Summary	110
4.5.4 VPN Settings for L2TP VPN Setting Wizard - Completed	112
4.6 Wireless Setup Wizard	112
4.6.1 Management Mode	113
4.6.2 SSID	113
4.6.3 Radio	115
4.6.4 Summary	116
4.6.5 Wizard Completed	117
Dashboard	118
5.1 Overview	118
5.1.1 What You Can Do in this Chapter	118
5.2 The General Screen	118
5.2.1 Device Information Screen	120
5.2.2 System Status Screen	121
5.2.3 Tx/Rx Statistics	121
5.2.4 The Latest Logs Screen	122
5.2.5 System Resources Screen	122
5.2.6 DHCP Table Screen	123
5.2.7 Number of Login Users Screen	124
5.2.8 Current Login User	125
5.2.9 VPN Status	125
5.2.10 SSL VPN Status	126
5.3 The Advanced Threat Protection Screen	126
Technical Reference	128
Monitor	129
6.1 Overview	129
6.1.1 What You Can Do in this Chapter	129
6.2 The Port Statistics Screen	131
6.2.1 The Port Statistics Graph Screen	132
6.3 Interface Status Screen	133
6.4 The Traffic Statistics Screen	137
6.5 The Session Monitor Screen	139
6.6 The Login Users Screen	141
6.7 IGMP Statistics	143
6.8 The DDNS Status Screen	144
6.9 IP/MAC Binding	144
6.10 Cellular Status Screen	145
6.10.1 More Information	148
6.11 The UPnP Port Status Screen	149
6.12 USB Storage Screen	150
6.13 Ethernet Neighbor Screen	151
6.14 FQDN Object Screen	152
6.15 AP Information: AP List	154
6.15.1 AP List: More Information	157
6.15.2 AP List: Config AP	160
6.16 AP Information: Radio List	162
6.16.1 Radio List: More Information	164
6.17 AP Information: Built-in AP	165
6.18 AP Information: Top N APs	166
6.19 AP Information: Single AP	168
6.20 ZyMesh	169
6.21 SSID Info	170
6.22 Station Info: Station List	170
6.23 Station Info: Top N Stations	171
6.24 Station Info: Single Station	172
6.25 Detected Device	173
6.26 The IPSec Screen	174
6.27 The SSL Screen	176
6.28 The L2TP over IPSec Screen	176
6.29 The App Patrol Screen	177
6.30 The Content Filter Screen	178
6.31 The Anti-Malware Screen	180
6.32 The Reputation Filter Screen	182
6.33 The IDP Screen	184
6.34 Sandboxing	186
6.35 The Email Security Screens	187
6.35.1 Email Security Summary	187
6.35.2 The Email Security Status Screen	189
6.36 The SSL Inspection Screens	191
6.36.1 Certificate Cache List	192
6.37 Log Screens	193
6.37.1 View Log	193
6.37.2 View AP Log	195
Licensing	198
7.1 Registration Overview	198
7.1.1 What you Need to Know	198
7.1.2 Registration Screen	199
7.1.3 Service Screen	200
7.2 Signature Update	201
7.2.1 What you Need to Know	201
7.2.2 The Signature Screen	202
7.2.3 Auto Update	202
Wireless	204
8.1 Overview	204
8.1.1 What You Can Do in this Chapter	204
8.2 Built-in AP	204
8.2.1 Wireless > Built-in AP > General >Add/Edit SSID	206
8.2.2 Wireless > Built-in AP > Radio	209
8.3 Controller Screen	215
8.3.1 Connecting an AP to the Zyxel Device	215
8.3.2 Connecting an AP to the Zyxel Device Manually	216
8.3.3 Connecting an AP to the Zyxel Device Using DHCP Option 138	216
8.4 AP Management Screens	217
8.4.1 Mgnt. AP List	217
8.4.2 AP Policy	222
8.4.3 AP Group	223
8.4.4 Firmware	229
8.5 Rogue AP	230
8.5.1 Add/Edit Rogue/Friendly List	232
8.6 Auto Healing	233
8.7 RTLS Overview	234
8.7.1 What You Can Do in this Chapter	234
8.7.2 Before You Begin	234
8.7.3 Configuring RTLS	235
8.8 Technical Reference	236
8.8.1 Dynamic Channel Selection	236
8.8.2 Load Balancing	237
Interfaces	238
9.1 Interface Overview	238
9.1.1 What You Can Do in this Chapter	238
9.1.2 What You Need to Know	238
9.1.3 What You Need to Do First	243
9.2 Port Role	243
9.3 Port Configuration	244
9.4 Ethernet Summary Screen	245
9.4.1 Ethernet Edit	247
9.4.2 Proxy ARP	263
9.4.3 Virtual Interfaces	264
9.4.4 References	265
9.4.5 Add/Edit DHCPv6 Request/Release Options	266
9.4.6 Add/Edit DHCP Extended Options	267
9.5 PPP Interfaces	268
9.5.1 PPP Interface Summary	269
9.5.2 PPP Interface Add or Edit	270
9.6 Cellular Configuration Screen	275
9.6.1 Cellular Choose Slot	278
9.6.2 Add / Edit Cellular Configuration	278
9.7 Tunnel Interfaces	284
9.7.1 Configuring a Tunnel	286
9.7.2 Tunnel Add or Edit Screen	287
9.8 VLAN Interfaces	291
9.8.1 VLAN Summary Screen	292
9.8.2 VLAN Add/Edit	293
9.9 Bridge Interfaces	304
9.9.1 Bridge Summary	306
9.9.2 Bridge Add/Edit	307
9.10 VTI	318
9.10.1 Restrictions for IPSec Virtual Tunnel Interface	318
9.10.2 VTI Screen	319
9.10.3 VTI Add/Edit	319
9.11 Trunk Overview	323
9.11.1 What You Need to Know	323
9.12 The Trunk Summary Screen	326
9.12.1 Configuring a User-Defined Trunk	327
9.12.2 Configuring the System Default Trunk	329
9.13 Interface Technical Reference	330
Routing	335
10.1 Policy and Static Routes Overview	335
10.1.1 What You Can Do in this Chapter	335
10.1.2 What You Need to Know	336
10.2 Policy Route Screen	337
10.2.1 Policy Route Edit Screen	339
10.3 IP Static Route Screen	344
10.3.1 Static Route Add/Edit Screen	344
10.4 Policy Routing Technical Reference	346
10.5 Routing Protocols Overview	346
10.5.1 What You Need to Know	347
10.6 The RIP Screen	347
10.7 The OSPF Screen	349
10.7.1 Configuring the OSPF Screen	352
10.7.2 OSPF Area Add/Edit Screen	353
10.7.3 Virtual Link Add/Edit Screen	355
10.8 BGP (Border Gateway Protocol)	356
10.8.1 Allow BGP Packets to Enter the Zyxel Device	357
10.8.2 Configuring the BGP Screen	357
10.8.3 The BGP Neighbors Screen	359
10.8.4 Example Scenario	360
DDNS	362
11.1 DDNS Overview	362
11.1.1 What You Can Do in this Chapter	362
11.1.2 What You Need to Know	362
11.2 The DDNS Screen	363
11.2.1 The Dynamic DNS Add/Edit Screen	364
NAT	368
12.1 NAT Overview	368
12.1.1 What You Can Do in this Chapter	368
12.1.2 What You Need to Know	368
12.2 The NAT Screen	369
12.2.1 The NAT Add/Edit Screen	371
12.3 NAT Technical Reference	374
Redirect Service	376
13.1 Overview	376
13.1.1 HTTP Redirect	376
13.1.2 SMTP Redirect	376
13.1.3 What You Can Do in this Chapter	377
13.1.4 What You Need to Know	377
13.2 The Redirect Service Screen	379
13.2.1 The Redirect Service Edit Screen	380
ALG	382
14.1 ALG Overview	382
14.1.1 What You Need to Know	382
14.1.2 Before You Begin	385
14.2 The ALG Screen	385
14.3 ALG Technical Reference	387
UPnP	389
15.1 UPnP and NAT-PMP Overview	389
15.2 What You Need to Know	389
15.2.1 NAT Traversal	389
15.2.2 Cautions with UPnP and NAT-PMP	390
15.3 UPnP Screen	390
15.4 Technical Reference	391
15.4.1 Turning on UPnP in Windows 7 Example	391
15.4.2 Turn on UPnP in Windows 10 Example	395
15.4.3 Auto-discover Your UPnP-enabled Network Device	397
15.4.4 Web Configurator Easy Access in Windows 7	400
15.4.5 Web Configurator Easy Access in Windows 10	402
IP/MAC Binding	404
16.1 IP/MAC Binding Overview	404
16.1.1 What You Can Do in this Chapter	404
16.1.2 What You Need to Know	404
16.2 IP/MAC Binding Summary	405
16.2.1 IP/MAC Binding Edit	406
16.2.2 Static DHCP Edit	407
16.3 IP/MAC Binding Exempt List	408
Layer 2 Isolation	409
17.1 Overview	409
17.1.1 What You Can Do in this Chapter	409
17.2 Layer-2 Isolation General Screen	409
17.3 White List Screen	410
17.3.1 Add/Edit White List Rule	411
DNS Inbound LB	413
18.1 DNS Inbound Load Balancing Overview	413
18.1.1 What You Can Do in this Chapter	413
18.2 The DNS Inbound LB Screen	414
18.2.1 The DNS Inbound LB Add/Edit Screen	415
18.2.2 The DNS Inbound LB Add/Edit Member Screen	417
IPSec VPN	419
19.1 Virtual Private Networks (VPN) Overview	419
19.1.1 What You Can Do in this Chapter	421
19.1.2 What You Need to Know	421
19.1.3 Before You Begin	424
19.2 The VPN Connection Screen	424
19.2.1 The VPN Connection Add/Edit Screen	426
19.3 The VPN Gateway Screen	433
19.3.1 The VPN Gateway Add/Edit Screen	434
19.4 VPN Concentrator	441
19.4.1 VPN Concentrator Requirements and Suggestions	441
19.4.2 VPN Concentrator Screen	442
19.4.3 The VPN Concentrator Add/Edit Screen	442
19.5 Zyxel Device IPSec VPN Client Configuration Provisioning	443
19.6 IPSec VPN Background Information	445
SSL VPN	455
20.1 Overview	455
20.1.1 What You Can Do in this Chapter	455
20.1.2 What You Need to Know	455
20.2 The SSL Access Privilege Screen	456
20.2.1 The SSL Access Privilege Policy Add/Edit Screen	457
20.3 The SSL Global Setting Screen	459
L2TP VPN	461
21.1 Overview	461
21.1.1 What You Can Do in this Chapter	461
21.1.2 What You Need to Know	461
21.2 L2TP VPN Screen	462
21.2.1 Example: L2TP and Zyxel Device Behind a NAT Router	464
BWM (Bandwidth Management)	467
22.1 Overview	467
22.1.1 What You Can Do in this Chapter	467
22.1.2 What You Need to Know	467
22.2 The Bandwidth Management Configuration	471
22.2.1 The Bandwidth Management Add/Edit Screen	474
Web Authentication	483
23.1 Web Auth Overview	483
23.1.1 What You Can Do in this Chapter	483
23.1.2 What You Need to Know	484
23.2 Web Authentication General Screen	484
23.2.1 User-aware Access Control Example	489
23.2.2 Authentication Type Screen	495
23.2.3 Custom Web Portal / User Agreement File Screen	499
23.3 SSO Overview	500
23.4 SSO - Zyxel Device Configuration	502
23.4.1 Configuration Overview	502
23.4.2 Configure the Zyxel Device to Communicate with SSO	502
23.4.3 Enable Web Authentication	503
23.4.4 Create a Security Policy	505
23.4.5 Configure User Information	506
23.4.6 Configure an Authentication Method	507
23.4.7 Configure Active Directory	508
23.5 SSO Agent Configuration	509
Security Policy	512
24.1 Overview	512
24.2 One Security	513
24.3 What You Can Do in this Chapter	516
24.3.1 What You Need to Know	516
24.4 The Security Policy Screen	518
24.4.1 Configuring the Security Policy Control Screen	519
24.4.2 The Security Policy Control Add/Edit Screen	523
24.5 Anomaly Detection and Prevention Overview	524
24.5.1 The Anomaly Detection and Prevention General Screen	525
24.5.2 Creating New ADP Profiles	526
24.5.3 Traffic Anomaly Profiles	527
24.5.4 Protocol Anomaly Profiles	530
24.6 The Session Control Screen	533
24.6.1 The Session Control Add/Edit Screen	534
24.7 Security Policy Example Applications	535
Application Patrol	538
25.1 Overview	538
25.1.1 What You Can Do in this Chapter	538
25.1.2 What You Need to Know	538
25.2 Application Patrol Profile	539
25.2.1 Profile Action: Apply to a Security Policy	540
25.2.2 Application Patrol Profile > Add/Edit - My Application	543
25.2.3 Application Patrol Profile > Add/Edit - Query Result	544
Content Filter	547
26.1 Overview	547
26.1.1 What You Can Do in this Chapter	547
26.1.2 What You Need to Know	547
26.1.3 Before You Begin	549
26.2 Content Filter Profile Screen	549
26.2.1 Apply to a Security Policy	550
26.2.2 Content Filter Add Profile Category Service	553
26.2.3 Content Filter Add Filter Profile Custom Service	566
26.3 Content Filter Trusted Web Sites Screen	568
26.4 Content Filter Forbidden Web Sites Screen	569
26.5 Content Filter Technical Reference	570
Anti-Malware	572
27.1 Overview	572
27.1.1 What You Can Do in this Chapter	576
27.2 Anti-Malware Screen	577
27.3 The White List Screen	581
27.4 The Black List Screen	582
27.5 Anti-Malware Signature Searching	583
27.6 Anti-Malware Technical Reference	584
Reputation Filter	586
28.1 Overview	586
28.1.1 What You Need to Know	586
28.1.2 What You Can Do in this Chapter	586
28.2 IP Reputation Screen	586
28.2.1 IP Reputation White List Screen	590
28.2.2 IP Reputation Black List Screen	590
28.3 URL Threat Filter Screen	591
28.3.1 URL Threat Filter White List Screen	593
28.3.2 URL Threat Filter Black List Screen	594
IDP	596
29.1 Overview	596
29.1.1 What You Can Do in this Chapter	596
29.1.2 What You Need To Know	596
29.1.3 Before You Begin	596
29.2 The IDP Screen	597
29.2.1 Query Example	601
29.3 IDP Custom Signatures	602
29.3.1 Add / Edit Custom Signatures	603
29.3.2 Custom Signature Example	607
29.3.3 Applying Custom Signatures	609
29.3.4 Verifying Custom Signatures	610
29.4 The White List Screen	610
29.5 IDP Technical Reference	611
Sandboxing	614
30.1 Overview	614
30.1.1 What You Need to Know	615
30.2 Sandboxing Screen	615
Email Security	618
31.1 Overview	618
31.1.1 What You Can Do in this Chapter	618
31.1.2 What You Need to Know	618
31.2 Before You Begin	619
31.3 The Email Security Screen	620
31.4 The Black List / White List Screen	622
31.4.1 The Black or White List Add/Edit Screen	623
31.4.2 Regular Expressions in Black or White List Entries	625
31.5 Email Security Technical Reference	625
SSL Inspection	629
32.1 Overview	629
32.1.1 What You Can Do in this Chapter	629
32.1.2 What You Need To Know	629
32.1.3 Before You Begin	630
32.2 The SSL Inspection Profile Screen	630
32.2.1 Apply to a Security Policy	631
32.2.2 Add / Edit SSL Inspection Profiles	634
32.3 Exclude List Screen	635
32.4 Certificate Update Screen	637
32.5 Install a CA Certificate in a Browser	638
IP Exception	641
33.1 Overview	641
33.2 The IP Exception Screen	641
33.2.1 The IP Exception Add/Edit Screen	642
Object	644
34.1 Zones Overview	644
34.1.1 What You Need to Know	644
34.1.2 The Zone Screen	645
34.2 User/Group Overview	647
34.2.1 What You Need To Know	647
34.2.2 User/Group User Summary Screen	649
34.2.3 User/Group Group Summary Screen	654
34.2.4 User/Group Setting Screen	655
34.2.5 User/Group MAC Address Summary Screen	660
34.2.6 User /Group Technical Reference	662
34.3 AP Profile Overview	662
34.3.1 Radio Screen	663
34.3.2 SSID Screen	669
34.4 MON Profile	678
34.4.1 Overview	678
34.4.2 Configuring MON Profile	679
34.4.3 Add/Edit MON Profile	680
34.4.4 Technical Reference	681
34.5 ZyMesh Overview	682
34.5.1 ZyMesh Profile	684
34.5.2 Add/Edit ZyMesh Profile	685
34.6 Address/Geo IP Overview	685
34.6.1 What You Need To Know	686
34.6.2 Address Summary Screen	686
34.6.3 Address Group Summary Screen	690
34.6.4 Geo IP Summary Screen	692
34.7 Service Overview	695
34.7.1 What You Need to Know	695
34.7.2 The Service Summary Screen	696
34.7.3 The Service Group Summary Screen	698
34.8 Schedule Overview	700
34.8.1 What You Need to Know	700
34.8.2 The Schedule Screen	701
34.8.3 The Schedule Group Screen	704
34.9 AAA Server Overview	705
34.9.1 Directory Service (AD/LDAP)	706
34.9.2 RADIUS Server	706
34.9.3 ASAS	706
34.9.4 What You Need To Know	707
34.9.5 Active Directory or LDAP Server Summary	708
34.9.6 RADIUS Server Summary	712
34.10 Auth. Method Overview	715
34.10.1 Before You Begin	715
34.10.2 Example: Selecting a VPN Authentication Method	715
34.10.3 Authentication Method Objects	716
34.10.4 Two-Factor Authentication VPN Access	718

Match case Limit results 1 per page

Chapter 6 Monitor

ZyWALL ATP Series User’s Guide

185

The following table describes the labels in this screen.

Table 68

Monitor > Security Statistics > IDP > Summary

LABEL

DESCRIPTION

Collect Statistics

Select this check box to have the Zyxel Device collect IDP statistics.

The collection starting time displays after you click

Apply

. All of the statistics in this screen

are for the time period starting at the time displayed here. The format is year, month,

day and hour, minute, second. All of the statistics are erased if you restart the Zyxel

Device or click

Flush Data

. Collecting starts over and a new collection start time displays.

Apply

Click

Apply

to save your changes back to the Zyxel Device.

Reset

Click

Reset

to return the screen to its last-saved settings.

Refresh

Click this button to update the report display.

Flush Data

Click this button to discard all of the screen’s statistics and update the report display.

Total Session Scanned

This field displays the number of sessions that the Zyxel Device has checked for intrusion

characteristics.

Total Packet Dropped

The Zyxel Device can detect and drop malicious packets from network traffic. This field

displays the number of packets that the Zyxel Device has dropped.

Total Packet Reset

The Zyxel Device can detect and drop malicious packets from network traffic. This field

displays the number of packets that the Zyxel Device has reset.

Top Entries By

Use this field to have the following (read-only) table display the top IDP log entries by

Signature

Name

Source

Destination IP

. This table displays the most common, recent

IDP logs. See the log screen for less common IDP logs or use a syslog server to record all

IDP logs.

Select

Signature

Name

to list the most common signatures that the Zyxel Device has

detected.

Select

Source

to list the source IP addresses from which the Zyxel Device has detected

the most intrusion attempts.

Select

Destination

to list the most common destination IP addresses for intrusion

attempts that the Zyxel Device has detected.

Add to white list

Select a signature and click this to add the selected signature to the IDP white list.

Remove from white list

Select a signature and click this to remove the selected signature from the IDP white list.

This field displays the entry’s rank in the list of the top entries.

Signature Name

This column displays when you display the entries by

Signature

Name

. The signature

name identifies the type of intrusion pattern. Click the hyperlink for more detailed

information on the intrusion.

Signature ID

This column displays when you display the entries by

Signature

Name

. The signature ID is

a unique value given to each intrusion detected.

Type

This column displays when you display the entries by

Signature

Name

. It shows the

categories of intrusions.

Severity

This column displays when you display the entries by

Signature

Name

. It shows the level

of threat that the intrusions may pose.

Source IP

This column displays when you display the entries by

Source.

It shows the source IP

address of the intrusion attempts.

Destination IP

This column displays when you display the entries by

Destination.

It shows the destination

IP address at which intrusion attempts were targeted.

Occurrences

This field displays how many times the Zyxel Device has detected the event described in

the entry.

White List

Click this

to add this signature to the IDP white list.

Click this

to remove this signature from the IDP white list.