Setup Guide
Page 1
IDP on the ZyWALL protects against network based intrusions. 1 USG40HE IDP Setup This guide is designed to help with the setup of the ZyWALL's IDP (Intrusion Detection and Prevention) feature. Firmware version 4.10(AALA.0) or later Overview The USG's IDP system can detect malicious or suspicious packets and respond instantaneously. Supported Devices USG40HE -
IDP on the ZyWALL protects against network based intrusions. 1 USG40HE IDP Setup This guide is designed to help with the setup of the ZyWALL's IDP (Intrusion Detection and Prevention) feature. Firmware version 4.10(AALA.0) or later Overview The USG's IDP system can detect malicious or suspicious packets and respond instantaneously. Supported Devices USG40HE -
Setup Guide
Page 2
... prompt to save the change. Enter a new administrative password and click the "Apply" button to update the administrator password. When prompted for user credentials, type in admin for the "User Name" and 1234 for the "Password". On the address bar type, http://192.168.40.1 and press ENTER/RETURN to access the WebGUI. Accessing the WebGUI To access the ZyWALL's web configuration page please open a web browser on your...
... prompt to save the change. Enter a new administrative password and click the "Apply" button to update the administrator password. When prompted for user credentials, type in admin for the "User Name" and 1234 for the "Password". On the address bar type, http://192.168.40.1 and press ENTER/RETURN to access the WebGUI. Accessing the WebGUI To access the ZyWALL's web configuration page please open a web browser on your...
Setup Guide
Page 3
Otherwise, enter your account. 3 A prompt will appear asking for MyZyXEL 2.0 account credentials to register the device to your email and password credentials to register the ZyWALL to . If you have not yet opened/created a MyZyXEL 2.0 account yet, click the "Not a Member Yet" link under the submit button to the Configuration Licensing Registration menu. 2. Go to sign up. Click on the portal link to register the device to MyZyXEL.com 2.0 1. Register USG to MyZyXEL.com 2.0 server (portal.myzyxel.com). 3.
Otherwise, enter your account. 3 A prompt will appear asking for MyZyXEL 2.0 account credentials to register the device to your email and password credentials to register the ZyWALL to . If you have not yet opened/created a MyZyXEL 2.0 account yet, click the "Not a Member Yet" link under the submit button to the Configuration Licensing Registration menu. 2. Go to sign up. Click on the portal link to register the device to MyZyXEL.com 2.0 1. Register USG to MyZyXEL.com 2.0 server (portal.myzyxel.com). 3.
Setup Guide
Page 4
4. MAC Address and Serial Number information is optional. Click the "Submit" button to finish the registration. 4 Entering a Name for the device Reseller info is filled-in automatically.
4. MAC Address and Serial Number information is optional. Click the "Submit" button to finish the registration. 4 Entering a Name for the device Reseller info is filled-in automatically.
Setup Guide
Page 5
... to download latest signature version. Signatures must be no service filters to add to have just registered and activated the license. Click the button "Service License Refresh" to the profile. 5 Select the router you have the router check with the MyZyXEL.com server for the USG please login to activate the license on the "Service" tab. Once logged in you will be downloaded before creating an...
... to download latest signature version. Signatures must be no service filters to add to have just registered and activated the license. Click the button "Service License Refresh" to the profile. 5 Select the router you have the router check with the MyZyXEL.com server for the USG please login to activate the license on the "Service" tab. Once logged in you will be downloaded before creating an...
Setup Guide
Page 6
..., RSERVICE, SMTP, SNMP, SQL, TELNET, TFTP, and MySQL are disabled. LAN: This profile is most suitable for all services are disabled. Creating IDP Profile From the web configuration screen go to Configuration UTM Profile IDP, click the Add button to three) generate logs (not log alerts) and no action is taken on packets that trigger them. WAN: Signatures for common LAN network services. You will...
..., RSERVICE, SMTP, SNMP, SQL, TELNET, TFTP, and MySQL are disabled. LAN: This profile is most suitable for all services are disabled. Creating IDP Profile From the web configuration screen go to Configuration UTM Profile IDP, click the Add button to three) generate logs (not log alerts) and no action is taken on packets that trigger them. WAN: Signatures for common LAN network services. You will...
Setup Guide
Page 7
... a list with a very low severity level (one ) are disabled. DMZ: This profile is most suitable for networks containing your servers. Signatures with a very low severity level (one ) are enabled. Signatures for the profile. medium severity level (two or three) generate logs (not log alerts) and no action is taken on packets that trigger them to apply the settings...
... a list with a very low severity level (one ) are disabled. DMZ: This profile is most suitable for networks containing your servers. Signatures with a very low severity level (one ) are enabled. Signatures for the profile. medium severity level (two or three) generate logs (not log alerts) and no action is taken on packets that trigger them to apply the settings...
Setup Guide
Page 8
Creating UTM Security Policy From the web configuration screen go to Configuration Security Policy Policy Control, click the Add button to insert a rule to check against intrusions using the IDP profile created on the previous step. Give the Policy Control rule a name Select the packet direction From: LAN1 (Internal Network) Select the packet direction To: WAN (Internet) Scroll down to the...
Creating UTM Security Policy From the web configuration screen go to Configuration Security Policy Policy Control, click the Add button to insert a rule to check against intrusions using the IDP profile created on the previous step. Give the Policy Control rule a name Select the packet direction From: LAN1 (Internal Network) Select the packet direction To: WAN (Internet) Scroll down to the...
Setup Guide
Page 9
...'s MAC address and serial number. Contact ZyXEL tech support to check server backend for errors. 9 Go to query portal.myzyxel.com domain name. Troubleshooting Registration Clicking the portal link not opening website? Verify that the ZyWALL has DNS servers configured to Configuration System DNS and make sure there are no entries click the Add button to insert a DNS server. Make sure your internet connection is running latest firmware release...
...'s MAC address and serial number. Contact ZyXEL tech support to check server backend for errors. 9 Go to query portal.myzyxel.com domain name. Troubleshooting Registration Clicking the portal link not opening website? Verify that the ZyWALL has DNS servers configured to Configuration System DNS and make sure there are no entries click the Add button to insert a DNS server. Make sure your internet connection is running latest firmware release...