EasyManua.ls Logo

ZyXEL Communications USG FLEX H Series - Editing a Security Option Control; Security Option Control

ZyXEL Communications USG FLEX H Series
462 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
Chapter 24 System
USG FLEX H Series User’s Guide
370
24.4.11 Security Option Control
Configure the Security Option Control section in the System > DNS & DDNS > DNS screen if you suspect
the Zyxel Device is being used by hackers in a DNS amplification attack.
One possible strategy would be to deny Query Recursion and Additional Info from Cache in the default
policy and allow Query Recursion and Additional Info from Cache only from trusted DNS servers
identified by address objects and added as members in the customized policy.
24.4.12 Editing a Security Option Control
Use this screen to change allow or deny actions for Query Recursion and Additional Info from Cache.
DNS Server Select DNS Server(s) from ISP if your ISP dynamically assigns DNS server information. You also
need to select an interface through which the ISP provides the DNS server IP address(es). The
interface should be activated and set to be a DHCP client. The fields below display the (read-
only) DNS server IP address(es) that the ISP assigns. N/A displays for any DNS server IP address
fields for which the ISP does not assign an IP address.
Select Public DNS Server if you have the IP address of a DNS server. Enter the DNS server's IP
address in the field to the right. The Zyxel Device must be able to connect to the DNS server
without using a VPN tunnel. The DNS server could be on the Internet or one of the Zyxel
Device’s local networks. You cannot use 0.0.0.0.
Select Private DNS Server if you have the IP address of a DNS server to which the Zyxel Device
connects through a VPN tunnel. Enter the DNS server's IP address in the field to the right. You
cannot use 0.0.0.0.
Query Via Use the Query Via field to select the interface through which the Zyxel Device sends DNS
queries to a DNS server.
Save changes Click the Save changes icon to save your customized settings and exit this screen.
Cancel changes Click the Cancel changes icon to exit this screen without saving.
Table 183 System > DNS & DDNS > DNS > Domain Zone Forwarder > Add (continued)
LABEL DESCRIPTION

Table of Contents

Related product manuals