Filter
Top Products
Chapter 27 Application Patrol
ZyWALL USG 100/200 Series User’s Guide
457
Schedule Select a schedule that defines when the policy applies or select Create Object to
configure a new one (see Chapter 38 on page 619 for details). Otherwise, select
none to make the policy always effective.
User Select a user name or user group to which to apply the policy. Select Create
Object to configure a new user account (see Section 35.2.1 on page 596 for
details). Select any to apply the policy for every user.
From Select the source zone of the traffic to which this policy applies.
To Select the destination zone of the traffic to which this policy applies.
Source Select a source address or address group for whom this policy applies. Select
Create Object to configure a new one. Select any if the policy is effective for every
source.
Destination Select a destination address or address group for whom this policy applies. Select
Create Object to configure a new one. Select any if the policy is effective for every
destination.
Access This field controls what the ZyWALL does with packets for this application that
match this policy. Choices are:
forward - the ZyWALL routes the packets for this application.
Drop - the ZyWALL does not route the packets for this application and does not
notify the client of its decision.
Reject - the ZyWALL does not route the packets for this application and notifies the
client of its decision.
Action Block For some applications, you can select individual uses of the application that the
policy will have the ZyWALL block. These fields only apply when Access is set to
forward.
Login - Select this option to block users from logging in to a server for this
application.
Message - Select this option to block users from sending or receiving instant
messages.
Audio - Select this option to block users from sending or receiving audio traffic.
Video - Select this option to block users from sending or receiving video traffic.
File Transfer - Select this option to block users from sending or receiving files.
Bandwidth
Management
Configure these fields to set the amount of bandwidth the application can use.
These fields only apply when Access is set to forward.
You must also enable bandwidth management in the main application patrol screen
(AppPatrol > General) in order to apply bandwidth shaping.
Inbound kbps Type how much inbound bandwidth, in kilobits per second, this policy allows the
application to use. Inbound refers to the traffic the ZyWALL sends to a
connection’s initiator.
If you enter 0 here, this policy does not apply bandwidth management for the
application’s traffic that the ZyWALL sends to the initiator. Traffic with bandwidth
management disabled (inbound and outbound are both set to 0) is automatically
treated as the lowest priority (7).
If the sum of the bandwidths for routes using the same next hop is higher than the
actual transmission speed, lower priority traffic may not be sent if higher priority
traffic uses all of the actual bandwidth.
Table 140 Application Policy Edit (continued)
LABEL DESCRIPTION