Chapter 29 IDP

Figure 322 Base Profiles

The following table describes this screen.

Table 129 Base Profiles

BASE PROFILE

DESCRIPTION

all

All signatures are enabled. Signatures with a high or severe severity level (greater

 

than three) generate log alerts and cause packets that trigger them to be dropped.

 

Signatures with a very low, low or medium severity level (less than or equal to

 

three) generate logs (not log alerts) and no action is taken on packets that trigger

 

them.

 

 

dmz

This profile is most suitable for networks containing your servers. Signatures for

 

common services such as DNS, FTP, HTTP, ICMP, IMAP, MISC, NETBIOS,

 

POP3, RPC, RSERVICE, SMTP, SNMP, SQL, TELNET, Oracle, MySQL are

 

enabled. Signatures with a high or severe severity level (greater than three)

 

generate log alerts and cause packets that trigger them to be dropped. Signatures

 

with a low or medium severity level (two or three) generate logs (not log alerts) and

 

no action is taken on packets that trigger them. Signatures with a very low severity

 

level (one) are disabled.

 

 

lan

This profile is most suitable for common LAN network services. Signatures for

 

common services such as DNS, FTP, HTTP, ICMP, IM, IMAP, MISC, NETBIOS,

 

P2P, POP3, RPC, RSERVICE, SMTP, SNMP, SQL, TELNET, TFTP, MySQL are

 

enabled. Signatures with a high or severe severity level (greater than three)

 

generate logs (not log alerts) and cause packets that trigger them to be dropped.

 

Signatures with a low or medium severity level (two or three) generate logs (not

 

log alerts) and no action is taken on packets that trigger them. Signatures with a

 

very low severity level (one) are disabled.

 

 

none

All signatures are disabled. No logs are generated nor actions are taken.

 

 

wan

Signatures for all services are enabled. Signatures with a medium, high or severe

 

severity level (greater than two) generate logs (not log alerts) and no action is

 

taken on packets that trigger them. Signatures with a very low or low severity level

 

(less than or equal to two) are disabled.

 

 

OK

Click OK to save your changes.

 

 

Cancel

Click Cancel to exit this screen without saving your changes.

 

 

29.6 Profile Summary Screen

Select Anti-X > IDP > Profile. Use this screen to:

Add a new profile

Edit an existing profile

Delete an existing profile

422

 

ZyWALL USG 1000 User’s Guide