|
| Chapter 27 Application Patrol |
| Table 140 Application Policy Edit (continued) | |
| LABEL | DESCRIPTION |
| Schedule | Select a schedule that defines when the policy applies or select Create Object to |
|
| configure a new one (see Chapter 38 on page 619 for details). Otherwise, select |
|
| none to make the policy always effective. |
|
|
|
| User | Select a user name or user group to which to apply the policy. Select Create |
|
| Object to configure a new user account (see Section 35.2.1 on page 596 for |
|
| details). Select any to apply the policy for every user. |
|
|
|
| From | Select the source zone of the traffic to which this policy applies. |
|
|
|
| To | Select the destination zone of the traffic to which this policy applies. |
|
|
|
| Source | Select a source address or address group for whom this policy applies. Select |
|
| Create Object to configure a new one. Select any if the policy is effective for every |
|
| source. |
|
|
|
| Destination | Select a destination address or address group for whom this policy applies. Select |
|
| Create Object to configure a new one. Select any if the policy is effective for every |
|
| destination. |
|
|
|
| Access | This field controls what the ZyWALL does with packets for this application that |
|
| match this policy. Choices are: |
|
| forward - the ZyWALL routes the packets for this application. |
|
| Drop - the ZyWALL does not route the packets for this application and does not |
|
| notify the client of its decision. |
|
| Reject - the ZyWALL does not route the packets for this application and notifies the |
|
| client of its decision. |
|
|
|
| Action Block | For some applications, you can select individual uses of the application that the |
|
| policy will have the ZyWALL block. These fields only apply when Access is set to |
|
| forward. |
|
| Login - Select this option to block users from logging in to a server for this |
|
| application. |
|
| Message - Select this option to block users from sending or receiving instant |
|
| messages. |
|
| Audio - Select this option to block users from sending or receiving audio traffic. |
|
| Video - Select this option to block users from sending or receiving video traffic. |
|
| File Transfer - Select this option to block users from sending or receiving files. |
|
|
|
| Bandwidth | Configure these fields to set the amount of bandwidth the application can use. |
| Management | These fields only apply when Access is set to forward. |
|
| You must also enable bandwidth management in the main application patrol screen |
|
| (AppPatrol > General) in order to apply bandwidth shaping. |
|
|
|
| Inbound kbps | Type how much inbound bandwidth, in kilobits per second, this policy allows the |
|
| application to use. Inbound refers to the traffic the ZyWALL sends to a |
|
| connection’s initiator. |
|
| If you enter 0 here, this policy does not apply bandwidth management for the |
|
| application’s traffic that the ZyWALL sends to the initiator. Traffic with bandwidth |
|
| management disabled (inbound and outbound are both set to 0) is automatically |
|
| treated as the lowest priority (7). |
|
| If the sum of the bandwidths for routes using the same next hop is higher than the |
|
| actual transmission speed, lower priority traffic may not be sent if higher priority |
|
| traffic uses all of the actual bandwidth. |
|
|
|
| 457 |
ZyWALL USG 100/200 Series User’s Guide | |
|
|