29
IDP
29.1 Overview
This chapter introduces packet inspection IDP (Intrusion, Detection and Prevention), IDP profiles, binding an IDP profile to a traffic flow, custom signatures and updating signatures. An IDP system can detect malicious or suspicious packets and respond instantaneously. IDP on the ZyWALL protects against
29.1.1What You Can Do Using the IDP Screens
•Use the
•Use the
•Use the
29.1.2What You Need To Know About IDP
Packet Inspection Signatures
A signature identifies a malicious or suspicious packet and specifies an action to be taken. You can change the action in the profile screens. Packet inspection signatures examine OSI (Open System Interconnection)
Zone
A zone is a combination of ZyWALL interfaces and VPN connections used for configuring security. See the zone chapter for details on zones and the interfaces chapter for details on interfaces.
IDP Profiles
An IDP profile is a set of related IDP signatures that you can activate as a set and configure common log and action settings. You can apply IDP profiles to traffic flowing from one zone to another. For example, apply the default LAN_IDP profile to any traffic going to the LAN zone in order to protect your LAN computers.
| 483 |
ZyWALL USG 100/200 Series User’s Guide | |
|
|