ZyXEL ZyWALL ATP700 User Guide - Page 598
Chapter 29 IDP

The following table describes the fields in this screen.

Table 232 Configuration > Security Service > IDP

| LABEL | DESCRIPTION |
|---|---|
| General Settings | |
| Enable | Select this check box to activate the IDP feature which detects and prevents malicious or suspicious packets and responds instantaneously. |
| Query Signatures | |
| Name | Type the name or part of the name of the signature(s) you want to find. |
| Signature ID | Type the ID or part of the ID of the signature(s) you want to find. |
| Search all custom signatures | Select this check box to include signatures you created or imported in the Custom Signatures screen in the search. You can search for specific signatures by name or ID. If the name and ID fields are left blank, then all signatures are searched according to the criteria you select. |
| Severity | Search for signatures by severity level(s). Hold down the [Ctrl] key if you want to make multiple selections. These are the severities as defined in the Zyxel Device. The number in brackets is the number you use if using commands. Severe (5): These denote attacks that try to run arbitrary code or gain system privileges. High (4): These denote known serious vulnerabilities or attacks that are probably not false alarms. Medium (3): These denote medium threats, access control attacks or attacks that could be false alarms. Low (2): These denote mild threats or attacks that could be false alarms. Very-Low (1): These denote possible attacks caused by traffic such as Ping, trace route, ICMP queries etc. |
| Classification Type | Search for signatures by attack type(s) (see Table 233 on page 599). Attack types are known as policy types in the group view screen. Hold down the [Ctrl] key if you want to make multiple selections. |
| Platform | Search for signatures created to prevent intrusions targeting specific operating system(s). Hold down the [Ctrl] key if you want to make multiple selections. |
| Service | Search for signatures by IDP service group(s). See Table 233 on page 599 for group details. Hold down the [Ctrl] key if you want to make multiple selections. |
| Action | Search for signatures by the response the Zyxel Device takes when a packet matches a signature. Hold down the [Ctrl] key if you want to make multiple selections. |
| Activation | Search for activated and/or inactivated signatures here. |
| Log | Search for signatures by log option here. |
| Query Result | The results are displayed in a table showing the SID, Name, Severity, Classification Type, Platform, Service, Log, and Action criteria as selected in the search. Click the SID column header to sort search results by signature ID. |
| Custom Signature Rules | Use this part of the screen to create, edit, delete or export (save to your computer) custom signatures. |
| Add | Click this to create a new entry. |
| Edit | Select an entry and click this to be able to modify it. |
| Remove | Select an entry and click this to delete it. |
| Export | To save an entry or entries as a file on your computer, select them and click Export. Click Save in the file download dialog box and then select a location and name for the file. Custom signatures must end with the 'rules' file name extension, for example, MySig.rules. |

ZyWALL ATP Series User's Guide 598