Chapter 30 IDP

30.3.1 Base Profiles

The ZyWALL comes with several base profiles. You use base profiles to create new profiles. In the Configuration > Anti-X > IDP > Profile screen, click Add to display the following screen.

Figure 289 Base Profiles

The following table describes this screen.

Table 143

Base Profiles

BASE

 

DESCRIPTION

PROFILE

 

 

 

none

 

All signatures are disabled. No logs are generated nor actions are taken.

 

 

 

all

 

All signatures are enabled. Signatures with a high or severe severity

 

 

level (greater than three) generate log alerts and cause packets that

 

 

trigger them to be dropped. Signatures with a very low, low or medium

 

 

severity level (less than or equal to three) generate logs (not log alerts)

 

 

and no action is taken on packets that trigger them.

 

 

 

wan

 

Signatures for all services are enabled. Signatures with a medium, high

 

 

or severe severity level (greater than two) generate logs (not log alerts)

 

 

and no action is taken on packets that trigger them. Signatures with a

 

 

very low or low severity level (less than or equal to two) are disabled.

 

 

 

lan

 

This profile is most suitable for common LAN network services.

 

 

Signatures for common services such as DNS, FTP, HTTP, ICMP, IM,

 

 

IMAP, MISC, NETBIOS, P2P, POP3, RPC, RSERVICE, SMTP, SNMP, SQL,

 

 

TELNET, TFTP, MySQL are enabled. Signatures with a high or severe

 

 

severity level (greater than three) generate logs (not log alerts) and

 

 

cause packets that trigger them to be dropped. Signatures with a low or

 

 

medium severity level (two or three) generate logs (not log alerts) and

 

 

no action is taken on packets that trigger them. Signatures with a very

 

 

low severity level (one) are disabled.

 

 

 

484

 

ZyWALL USG 50 User’s Guide