Chapter 13 Security Policy
USG FLEX H Series User’s Guide
13.3.2 The Policy Control Add/Edit Screen
In the Policy Control screen, click the Edit or Add icon to display the Policy Control Edit or Add screen.
Table 95 Configuration > Security Policy > Policy Control (continued)
LABEL DESCRIPTION
Status This icon is lit when the entry is active and dimmed when the entry is inactive.
Priority This is the position of your Security Policy in the global policy list (including all through-Zyxel Device and to-Zyxel Device policies). The ordering of your policies is important as policies are applied in sequence. Default displays for the default Security Policy behavior that the Zyxel Device performs on traffic that does not match any other Security Policy.
Name This is the name of the Security policy.
From / To This is the direction of travel of packets. Select from which zone the packets come and to which zone they go.
Security policies are grouped based on the direction of travel of packets to which they apply. For example, from LAN to LAN means packets traveling from a computer or subnet on the LAN to either another computer or subnet on the LAN.
From any displays all the security policies for traffic going to the selected To Zone.
To any displays all the security policies for traffic coming from the selected From Zone.
From any to any displays all of the security policies.
To ZyWALL policies are for traffic that is destined for the Zyxel Device and control which computers can manage the Zyxel Device.
Source This displays the IPv4 source address object, including geographic address and FQDN (group) objects, to which this Security Policy applies.
Destination This displays the IPv4 destination address object, including geographic address and FQDN (group) objects, to which this Security Policy applies.
Service This displays the service object to which this security policy applies.
User This is the user name or user group name to which this security policy applies.
Schedule This field tells you the schedule object that the policy uses. none means the policy is active at all times if enabled.
Action This field displays whether the security policy silently discards packets without notification (deny), permits the passage of packets (allow) or drops packets with notification (reject).
Log Select whether to have the Zyxel Device generate a log (log), log and alert (log alert) or not (no) when the policy is matched to the criteria listed above.
Profile This field shows you which security service profiles (application patrol, content filter and SSL inspection) apply to the policy control rule. Click the icon to edit the profile directly.
Apply Click Apply to save your changes back to the Zyxel Device.
Reset Click Reset to return the screen to its last-saved settings.
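Because policies are applied in sequence, a policy placed below a broader one never takes effect. The following is an added example, not taken from this guide or from Zyxel: a Python sketch that models first-match evaluation and reports such shadowed policies. It assumes a simplified policy made of From, To, Source (as a CIDR) and Service only, ignores Destination, User and Schedule, uses constructed policy names and addresses, and takes the Default policy's action as a parameter.

```python
from ipaddress import ip_address, ip_network

# Constructed sample policy list in priority order (not taken from a real device).
POLICIES = [
    {"name": "allow-lan-web", "from": "LAN", "to": "WAN",
     "source": "192.168.1.0/24", "service": "HTTPS", "action": "allow"},
    {"name": "deny-kiosk-web", "from": "LAN", "to": "WAN",
     "source": "192.168.1.50/32", "service": "HTTPS", "action": "deny"},
    {"name": "reject-dmz-mgmt", "from": "DMZ", "to": "ZyWALL",
     "source": "0.0.0.0/0", "service": "any", "action": "reject"},
]


def field_covers(earlier, later):
    """A wildcard or identical value in the earlier policy covers the later one."""
    return earlier == "any" or earlier == later


def covers(earlier, later):
    """True if every packet matching `later` also matches `earlier`."""
    return (field_covers(earlier["from"], later["from"])
            and field_covers(earlier["to"], later["to"])
            and field_covers(earlier["service"], later["service"])
            and ip_network(later["source"]).subnet_of(ip_network(earlier["source"])))


def find_shadowed(policies):
    """Return (shadowed, shadowing, actions_differ) for policies that can never match."""
    findings = []
    for i, later in enumerate(policies):
        for earlier in policies[:i]:
            if covers(earlier, later):
                findings.append((later["name"], earlier["name"],
                                 later["action"] != earlier["action"]))
                break
    return findings


def evaluate(policies, packet, default_action="deny"):
    """First match wins; unmatched traffic gets the Default policy's action."""
    for p in policies:
        if (field_covers(p["from"], packet["from"]) and field_covers(p["to"], packet["to"])
                and field_covers(p["service"], packet["service"])
                and ip_address(packet["source"]) in ip_network(p["source"])):
            return p["name"], p["action"]
    return "Default", default_action
```

Calling find_shadowed(POLICIES) flags deny-kiosk-web as unreachable behind allow-lan-web with a conflicting action; moving the narrower deny policy above the broader allow policy clears the finding.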