Chapter 25 Security Policy
ZyWALL ATP Series User’s Guide
483
Protocol Anomalies
Protocol anomalies are packets that do not comply with the relevant RFC (Request For Comments).
Protocol anomaly detection includes:
• TCP Decoder
• UDP Decoder
• ICMP Decoder
Protocol anomaly policies may be updated when you upload new firmware.
Note: First, create an ADP profile in the In the
Configuration > Security Policy > ADP
>
Profile
screen.
Then, apply the profile to traffic originating from a specific zone in the
Configuration >
Security Policy > ADP
>
General
screen.
25.5.1 The Anomaly Detection and Prevention General Screen
Click
Configuration > Security Policy > ADP > General
to display the next screen.
Figure 330
Configuration > Security Policy > ADP > General
The following table describes the labels in this screen.
Table 192 Configuration > Security Policy > ADP > General
LABEL
DESCRIPTION
General Settings
Enable Anomaly Detection
and Prevention
Select this to enable traffic anomaly and protocol anomaly detection and
prevention.
Add
Select an entry and click
Add
to append a new row beneath the one selected. ADP
policies are applied in order (
Priority
) shown in this screen
Edit
Select an entry and click this to be able to modify it.
Remove
Select an entry and click this to delete it.
Activate
To turn on an entry, select it and click
Activate
.
Inactivate
To turn off an entry, select it and click
Inactivate
.
Move
To change an entry’s position in the numbered list, select it and click
Move
to display
a field to type a number for where you want to put that entry and press [ENTER] to
move the entry to the number that you typed.
#
This is the entry’s index number in the list.