Chapter 2 Features and Applications

Intrusion Detection and Prevention (IDP)

IDP (Intrusion Detection and Protection) can detect malicious or suspicious packets and respond instantaneously. It detects pattern-based attacks in order to protect against network- based intrusions. See Section 29.8.2 on page 427 for a list of attacks that the ZyWALL can protect against. You can also create your own custom IDP rules.

Anomaly Detection and Prevention (ADP)

ADP (Anomaly Detection and Prevention) can detect malicious or suspicious packets and respond instantaneously. It can detect:

Anomalies based on violations of protocol standards (RFCs – Requests for Comments)

Abnormal flows such as port scans.

The ZyWALL’s ADP protects against network-based intrusions. See Section 30.8 on page 450 and Section 30.9 on page 456 for more on the kinds of attacks that the ZyWALL can protect against. You can also create your own custom ADP rules.

Bandwidth Management

Bandwidth management allows you to allocate network resources according to defined policies. This policy-based bandwidth allocation helps your network to better handle applications such as Internet access, e-mail, Voice-over-IP (VoIP), video conferencing and other business-critical applications.

Content Filter

Content filtering allows schools and businesses to create and enforce Internet access policies tailored to the needs of the organization.

You can also subscribe to category-based content filtering that allows your ZyWALL to check web sites against an external database of dynamically-updated ratings of millions of web sites. You then simply select categories to block or monitor, such as pornography or racial intolerance, from a pre-defined list.

Anti-Virus Scanner

With the anti-virus packet scanner, your ZyWALL scans files transmitting through the enabled interfaces into the network. The ZyWALL helps stop threats at the network edge before they reach the local host computers.

2.2 Packet Flow

The following is the key used to describe the packet flow in the ZyWALL.

Table 4 Packet Flow Key

Ethernet

The interface on which the packet is received or sent

 

 

VLAN

Virtual LAN

 

 

Encap

The PPPoE or PPTP encapsulation used

 

 

 

 

ALG

Application Layer Gateway

 

 

58

 

ZyWALL USG 1000 User’s Guide