Chapter 27 Security Policy
ZyWALL USG Series User’s Guide
592
Figure 414
Configuration > Security Policy > Session Control > Edit
The following table describes the labels in this screen.
27.7 Security Policy Example Applications
Suppose you decide to block LAN users from using IRC (Internet Relay Chat) through the Internet. To do
this, you would configure a LAN to WAN Security Policy that blocks IRC traffic from any source IP address
from going to any destination address. You do not need to specify a schedule since you need the
Security Policy to always be in effect. The following figure shows the results of this policy.
Table 213 Configuration > Security Policy > Session Control > Add / Edit
LABEL
DESCRIPTION
Create new
Object
Use to configure new settings for User or Address objects that you need to use in this
screen.Click on the down arrow to see the menu.
Enable Rule
Select this check box to turn on this session limit rule.
Description
Enter information to help you identify this rule. Use up to 60 printable ASCII characters. Spaces
are allowed.
User
Select a user name or user group to which to apply the rule. The rule is activated only when the
specified user logs into the system and the rule will be disabled when the user logs out.
Otherwise, select
any
and there is no need for user logging.
Note: If you specified an IP address (or address group) instead of
any
in the field
below, the user’s IP address should be within the IP address range.
Address
Select the IPv4 source address or address group, including geographic address (group)
object, to which this rule applies. Select
any
to apply the rule to all IPv4 source addresses.
IPv6 Address
Select the IPv6 source address or address group, including geographic address (group)
object, to which this rule applies. Select
any
to apply the rule to all IPv6 source addresses.
Session Limit per
Host
Use this field to set a limit to the number of concurrent NAT/Security Policy sessions this rule’s
users or addresses can have.
For this rule’s users and addresses, this setting overrides the
Default Session per Host
setting in
the general
Security Policy Session Control
screen.
OK
Click
OK
to save your customized settings and exit this screen.
Cancel
Click
Cancel
to exit this screen without saving.
Summary of Contents for USG110
Page 27: ...27 PART I User s Guide ...
Page 195: ...195 PART II Technical Reference ...
Page 309: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 309 ...
Page 313: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 313 ...
Page 358: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 358 ...
Page 373: ...Chapter 10 Interfaces ZyWALL USG Series User s Guide 373 ...