Table of Contents

29.3 Configuring IDP General .......... 418
29.4 Configuring IDP Bindings .......... 420
29.5 Introducing IDP Profiles .......... 421
    29.5.1 Base Profiles .......... 421
29.6 Profile Summary Screen .......... 422
29.7 Creating New Profiles .......... 423
    29.7.1 Procedure To Create a New Profile .......... 423
29.8 Profiles: Packet Inspection .......... 424
    29.8.1 Profile > Group View Screen .......... 424
    29.8.2 Policy Types .......... 427
    29.8.3 IDP Service Groups .......... 428
    29.8.4 Profile > Query View Screen .......... 429
    29.8.5 Query Example .......... 431
29.9 Introducing IDP Custom Signatures .......... 432
    29.9.1 IP Packet Header .......... 432
29.10 Configuring Custom Signatures .......... 434
    29.10.1 Creating or Editing a Custom Signature .......... 435
    29.10.2 Custom Signature Example .......... 439
    29.10.3 Applying Custom Signatures .......... 442
    29.10.4 Verifying Custom Signatures .......... 442
    29.10.5 Snort Signatures .......... 443

Chapter 30
ADP .......... 445

30.1 Introduction to ADP .......... 445
    30.1.1 Host Intrusions .......... 445
    30.1.2 Network Intrusions .......... 445
    30.1.3 ADP on the ZyWALL .......... 446
30.2 Traffic Directions and Profiles .......... 446
30.3 Configuring ADP General .......... 446
30.4 Configuring Anomaly Profile Bindings .......... 447
30.5 Introducing ADP Profiles .......... 448
    30.5.1 Base Profiles .......... 448
30.6 Profile Summary Screen .......... 449
30.7 Creating New Profiles .......... 450
    30.7.1 Procedure To Create a New Profile .......... 450
30.8 Profiles: Traffic Anomaly .......... 450
    30.8.1 Port Scanning .......... 451
    30.8.2 Flood Detection .......... 452
    30.8.3 Profile > Traffic Anomaly Screen .......... 455
30.9 Profiles: Protocol Anomaly .......... 456
    30.9.1 HTTP Inspection and TCP/UDP/ICMP Decoders .......... 457
    30.9.2 Protocol Anomaly Configuration .......... 459

22

ZyWALL USG 1000 User’s Guide