Chapter 30 IDP
ZyWALL ATP Series User’s Guide
540
Policy Types
This table describes Policy Types as categorized in the Zyxel Device.
# This is the entry’s index number in the list.
SID SID is the signature ID that uniquely identifies a signature. Click the SID header to sort
signatures in ascending or descending order. It is automatically created when you click
the Add icon to create a new signature. You can edit the ID, but it cannot already exist
and it must be in the 9000000 to 9999999 range.
Name This is the name of your custom signature. Duplicate names can exist, but it is advisable
to use unique signature names that give some hint as to intent of the signature and the
type of attack it is supposed to prevent.
Customer Signature Rule
Importing
Use this part of the screen to import custom signatures (previously saved to your
computer) to the Zyxel Device.
Note: The name of the complete custom signature file on the Zyxel Device is
‘custom.rules’. If you import a file named ‘custom.rules’, then all custom
signatures on the Zyxel Device are overwritten with the new file. If this is
not your intention, make sure that the files you import are not named
‘custom.rules’.
File Path Type the file path and name of the custom signature file you want to import in the text
box (or click Browse to find it on your computer) and then click Importing to transfer the
file to the Zyxel Device.
New signatures then display in the Zyxel Device IDP > Custom Signatures screen.
Signature Information The following fields display information on the current signature set that the Zyxel Device
is using.
Current Version This field displays the IDP signature set version number. This number gets larger as the set
is enhanced.
Signature Number This field displays the number of IDP signatures in this set. This number usually gets larger
as the set is enhanced. Older signatures and rules may be removed if they are no longer
applicable or have been supplanted by newer ones.
Released Date This field displays the date and time the set was released.
Update Signatures Click this link to go to the screen you can use to download signatures from the update
server.
Table 218 Policy Types
POLICY TYPE DESCRIPTION
Access Control Access control refers to procedures and controls that limit or detect access. Access
control attacks try to bypass validation checks in order to access network resources such
as servers, directories, and files.
Any Any attack includes all other kinds of attacks that are not specified in the policy such as
password, spoof, hijack, phishing, and close-in.
Backdoor/Trojan Horse A backdoor (also called a trapdoor) is hidden software or a hardware mechanism that
can be triggered to gain access to a program, online service or an entire computer
system. A Trojan horse is a harmful program that is hidden inside apparently harmless
programs or data.
Although a virus, a worm and a Trojan are different types of attacks, they can be
blended into one attack. For example, W32/Blaster and W32/Sasser are blended attacks
that feature a combination of a worm and a Trojan.
Table 217 Configuration > Security Service > IDP (continued)
LABEL DESCRIPTION
To Next Page
Loading...
