EasyManua.ls Logo

ZyXEL Communications USG40W - Application Patrol; Chapter 36 Application Patrol; Overview; What You Can Do in this Chapter

ZyXEL Communications USG40W
1090 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
ZyWALL USG Series User’s Guide
689
CHAPTER 36
Application Patrol
36.1 Overview
Application patrol provides a convenient way to manage the use of various applications on the
network. It manages general protocols (for example, HTTP and FTP) and instant messenger (IM), peer-to-
peer (P2P), Voice over IP (VoIP), and streaming (RSTP) applications. You can even control the use of a
particular application’s individual features (like text messaging, voice, video conferencing, and file
transfers). You can also configure bandwidth management with application patrol in the Configuration
> BWM screen for traffic prioritization to enhance the performance of delay-sensitive applications like
voice and video.
36.1.1 What You Can Do in this Chapter
Use the Profile summary screen (see Section 36.2 on page 690) to view license registration and
signature information.
Use the Profile Add/Edit screens (see Section 36.2 on page 690) to set actions for application
categories and for specific applications within the category.
36.1.2 What You Need to Know
If you want to use a service, make sure both the Security Policy and application patrol allow the
service’s packets to go through the Zyxel Device.
Note: The Zyxel Device checks secure policies before it checks application patrol rules for
traffic going through the Zyxel Device.
Application patrol examines every TCP and UDP connection passing through the Zyxel Device and
identifies what application is using the connection. Then, you can specify whether or not the Zyxel
Device continues to route the connection. Traffic not recognized by the application patrol signatures is
ignored.
Application Profiles & Policies
An application patrol profile is a group of categories of application patrol signatures. For each profile,
you can specify the default action the Zyxel Device takes once a packet matches a signature (forward,
drop, or reject a service’s connections and/or create a log alert).
Use policies to link profiles to traffic flows based on criteria such as source zone, destination zone, source
address, destination address, schedule, user.
Classification of Applications
There are two ways the Zyxel Device can identify the application. The first is called auto. The Zyxel
Device looks at the IP payload (OSI level-7 inspection) and attempts to match it with known patterns for

Table of Contents

Other manuals for ZyXEL Communications USG40W

Preview: Initial Setup
Initial Setup9 pages
Preview: Handbook & Instructions
Handbook & Instructions255 pages
Preview: Quick Start Guide
Quick Start Guide8 pages
Preview: Handbook
Handbook810 pages

Related product manuals