Chapter 27 Application Patrol
27.6 Other Applications
Sometimes, the ZyWALL cannot identify the application. For example, the application might be a new application, or the packets might arrive out of sequence. (The ZyWALL does not reorder packets when identifying the application.) In these cases, you can still provide a default rule for the ZyWALL to follow. You can use source zone, destination zone, destination port, schedule, user, source, and destination information as criteria to create a sequence of specific conditions, similar to the sequence of rules used by firewalls, to specify what the ZyWALL should do more precisely. You can also control the bandwidth used by these other applications.
27.7 Application Patrol Screens
Use the General summary screen to enable and disable application patrol.
Use the Common, Instant Messenger, Peer to Peer, VoIP, and Streaming screens to look at the applications the ZyWALL can recognize, and review the settings for each one. You can also enable and disable the rules for each application and specify the default and custom policies for each application.
The Other screen controls what the ZyWALL does when it does not recognize the application, and it identifies the conditions that refine this. It also lets you open the Other Configuration Add/Edit screen to create new conditions or edit existing ones.
Use the Statistics screen to see a bandwidth usage graph and statistics for each protocol.
27.8 Application Patrol General
Use this screen to enable and disable application patrol. It also lists the registration status and details about the signature set the ZyWALL is using.
"You must register for the IDP/AppPatrol signature service (at least the trial) before you can use it.
See Chapter 8 on page 165 for how to register. Click AppPatrol to open the following screen.
388 |
| |
ZyWALL USG 1000 User’s Guide |
| |
|
|
|