Chapter 27 Application Patrol
Table 117 AppPatrol > Other > Edit (continued)
LABEL | DESCRIPTION |
Schedule | Select a schedule that defines when the policy applies or select Create Object to |
| configure a new one (see Chapter 37 on page 527 for details). Otherwise, select |
| any to make the policy always effective. |
|
|
User | Select a user name or user group to which to apply the policy. Select Create |
| Object to configure a new user account (see Section 34.2.1 on page 506 for |
| details). Select any to apply the policy for every user. |
|
|
From | Select the source zone of the traffic to which this policy applies. |
|
|
To | Select the destination zone of the traffic to which this policy applies. |
|
|
Source | Select a source address or address group for whom this policy applies. Select |
| Create Object to configure a new one. Select any if the policy is effective for every |
| source. |
|
|
Destination | Select a destination address or address group for whom this policy applies. Select |
| Create Object to configure a new one. Select any if the policy is effective for every |
| destination. |
|
|
Protocol | Select the protocol for which this condition applies. Choices are: TCP and UDP. |
| Select any to apply the policy to both TCP and UDP traffic. |
Access | This field controls what the ZyWALL does with packets that match this policy. |
| Choices are: |
| forward - the ZyWALL routes the packets. |
| Drop - the ZyWALL does not route the packets and does not notify the client of its |
| decision. |
| Reject - the ZyWALL does not route the packets and notifies the client of its |
| decision. |
|
|
Bandwidth | Configure these fields to set the amount of bandwidth the application can use. |
Management | These fields only apply when Access is set to forward. |
|
|
Inbound kbps | Type how much inbound bandwidth, in kilobits per second, this policy allows the |
| traffic to use. Inbound refers to the traffic the ZyWALL sends to a connection’s |
| initiator. |
| If you enter 0 here, this policy does not apply bandwidth management for the |
| matching traffic that the ZyWALL sends to the initiator. Traffic with bandwidth |
| management disabled (inbound and outbound are both set to 0) is automatically |
| treated as the lowest priority (7). |
| If the sum of the bandwidths for routes using the same next hop is higher than the |
| actual transmission speed, lower priority traffic may not be sent if higher priority |
| traffic uses all of the actual bandwidth. |
|
|
Outbound | Type how much outbound bandwidth, in kilobits per second, this policy allows the |
kbps | traffic to use. Outbound refers to the traffic the ZyWALL sends out from a |
| connection’s initiator. |
| If you enter 0 here, this policy does not apply bandwidth management for the |
| matching traffic that the ZyWALL sends out from the initiator. Traffic with bandwidth |
| management disabled (inbound and outbound are both set to 0) is automatically |
| treated as the lowest priority (7). |
| If the sum of the bandwidths for routes using the same next hop is higher than the |
| actual transmission speed, lower priority traffic may not be sent if higher priority |
| traffic uses all of the actual bandwidth. |
|
|
398 |
| |
ZyWALL USG 1000 User’s Guide |
| |
|
|
|