ZyWALL Series CLI Reference Guide
222
CHAPTER 29
Secure Policy
This chapter introduces the Zyxel Device’s secure policies and shows you how to configure them.
Note: In the guide Secure Policy commands may also be referred to as Firewall in general
descriptions.
29.1 Secure Policy Overview
A secure policy is a template of security settings that can be applied to specific traffic at specific times.
The policy can be applied:
• to a specific direction of travel of packets (from / to)
• to a specific source and destination address objects
• to a specific type of traffic (services)
• to a specific user or group of users
• at a specific schedule
The policy can be configured:
• to allow or deny traffic that matches the criteria above
• send a log or alert for traffic that matches the criteria above
• to apply the actions configured in the UTM profiles (such as application patrol, content filter, IDP, anti-
virus, anti-spam) to traffic that matches the criteria above
Note: Secure policies can be applied to both IPv4 and IPv6 traffic
The secure policies can also limit the number of user sessions.
The following example shows the Zyxel Device’s default security policies behavior for a specific direction
of travel of packets. WAN to LAN traffic and how stateful inspection works. A LAN user can initiate a
Telnet session from within the LAN zone and the Zyxel Device allows the response. However, the Zyxel
Device blocks incoming Telnet traffic initiated from the WAN zone and destined for the LAN zone.
Figure 25 Default Directional Policy Example
To Next Page
Loading...
