Chapter 29 IDP

The following table describes the fields in this screen.

Table 131 Anti-X > IDP > Profile > Group View

LABEL

DESCRIPTION

Name

This is the name of the profile. You may use 1-31 alphanumeric characters,

 

underscores(_), or dashes (-), but the first character cannot be a number. This value

 

is case-sensitive. These are valid, unique profile names:

 

MyProfile

 

mYProfile

 

Mymy12_3-4

 

These are invalid profile names:

 

1mYProfile

 

My Profile

 

MyProfile?

 

Whatalongprofilename123456789012

 

 

Switch to

Click this button to go to a screen where you can search for signatures by criteria

query view

such as name, ID, severity, attack type, vulnerable attack platforms, service

 

category, log options or actions.

 

 

Service

Click the + sign next to a service group to expand it. A service group is a group of

 

related IDP signatures.

 

 

Message

This is the name of the signature.

 

 

SID

This is the signature ID (identification) number that uniquely identifies a ZyWALL

 

signature.

 

 

Severity

These are the severities as defined in the ZyWALL. The number in brackets is the

 

number you use if using commands.

 

Severe (5): These denote attacks that try to run arbitrary code or gain system

 

privileges.

 

High (4): These denote known serious vulnerabilities or attacks that are probably not

 

false alarms.

 

Medium (3): These denote medium threats, access control attacks or attacks that

 

could be false alarms.

 

Low (2): These denote mild threats or attacks that could be false alarms.

 

Very Low (1): These denote possible attacks caused by traffic such as Ping, trace

 

route, ICMP queries etc.

 

 

Policy

This is the attack type as defined on the ZyWALL. See Table 132 on page 427 for a

Type

description of each type.

 

 

Activation

Click the icon to enable or disable a signature or group of signatures.

 

 

Log

These are the log options:

 

original setting: Select this option to return each log option within a service group to

 

its previously saved configuration.

 

no: Select this option on an individual signature or a complete service group to have

 

the ZyWALL create no log when a packet matches a signature(s).

 

log: Select this option on an individual signature or a complete service group to have

 

the ZyWALL create a log when a packet matches a signature(s).

 

log alert: An alert is an e-mailed log for more serious events that may need more

 

immediate attention. Select this option to have the ZyWALL send an alert when a

 

packet matches a signature(s).

 

 

426

 

ZyWALL USG 1000 User’s Guide