Chapter 29 IDP
Figure 321
The following table describes the screens in this screen.
Table 128
LABEL | DESCRIPTION |
Enable | Select this check box to turn on this IDP profile to traffic direction binding. |
|
|
From | Traffic direction is defined by the zone the traffic is coming from and the zone |
| the traffic is going to. |
| Use the From field to specify the zone from which the traffic is coming. |
|
|
To | Use the To field to specify the zone to which the traffic is going. |
|
|
IDP Profile | An IDP profile is a set of IDP rules with configured activation, log and action |
| settings. Select an IDP profile to bind to the entry’s traffic direction. Configure |
| the IDP profiles in the IDP profile screens. |
|
|
OK | Click OK to save your changes. |
|
|
Cancel | Click Cancel to exit this screen without saving your changes. |
|
|
29.5 Introducing IDP Profiles
An IDP profile is a set of packet inspection signatures.
Packet inspection signatures examine packet content for malicious data. Packet inspection applies to OSI (Open System Interconnection)
In general, packet inspection signatures are created for known attacks while anomaly detection looks for abnormal behavior (see Chapter 30 on page 445 for information on anomaly detection).
29.5.1 Base Profiles
The ZyWALL comes with several base profiles. You use base profiles to create new profiles. In the
| 421 |
ZyWALL USG 1000 User’s Guide | |
|
|