Filter
Top Products
Chapter 30 ADP
ZyWALL USG 300 User’s Guide
448
Figure 339 Anti-X > ADP > General > Add
The following table describes the screens in this screen.
30.5 Introducing ADP Profiles
An ADP profile is a set of traffic anomaly rules and protocol anomaly rules.
• Traffic anomaly rules look for abnormal behavior or events such as port scanning,
sweeping or network flooding. It operates at OSI layer-2 and layer-3. Traffic anomaly
rules may be updated when you upload new firmware.
• Protocol anomaly rules check for protocol compliance against the relevant RFC (Request
For Comments). Protocol anomaly detection includes HTTP Inspection, TCP Decoder,
UDP Decoder and ICMP Decoder. Protocol anomaly rules may be updated when you
upload new firmware.
Anomaly detection is in general effective against abnormal behavior while packet inspection
signatures are created for known attacks (see Chapter 29 on page 417 for information on
packet inspection).
30.5.1 Base Profiles
The ZyWALL comes with several base profiles. You use base profiles to create new profiles.
Table 140 Anti-X > ADP > General > Add
LABEL DESCRIPTION
Enable Select this check box to turn on this anomaly profile to traffic direction binding.
From Traffic direction is defined by the zone the traffic is coming from and the zone
the traffic is going to.
Use the From field to specify the zone from which the traffic is coming.
Select ZyWALL to specify traffic coming from the ZyWALL itself.
To Use the To field to specify the zone to which the traffic is going.
Select ZyWALL to specify traffic destined for the ZyWALL itself.
ADP Profile An ADP profile is a set of ADP rules with configured activation, log and action
settings. Select an ADP profile to bind to the entry’s traffic direction. Configure
the ADP profiles in the ADP profile screens.
OK Click OK to save your changes.
Cancel Click Cancel to exit this screen without saving your changes.