User Guide
Page 13
... Configure Interfaces, Port Grouping, and Zones 117 7.1.1 Configure a WAN Ethernet Interface 118 ZyWALL USG 300 User's Guide 13 Policy ...107 6.5.14 Firewall ...107 6.5.15 IPSec VPN ...108 ...17 L2TP VPN ...109 6.5.18 Application Patrol 109 6.5.19 Anti-Virus ...110 6.5.20 IDP ...110 6.5.21 ADP ...110 6.5.22 Content Filter ...110 6.5.23 Anti-Spam ...111... 6.4.3 NAT Table Checking Flow 100 6.5 Feature Configuration Overview 101 6.5.1 Feature ...102 6.5.2 Licensing Registration 102 6.5.3 Licensing Update ...102 6.5.4 Interface ...103 6.5.5 Trunks ...103 6.5.6 Policy Routes ...103 6.5.7 Static...
... Configure Interfaces, Port Grouping, and Zones 117 7.1.1 Configure a WAN Ethernet Interface 118 ZyWALL USG 300 User's Guide 13 Policy ...107 6.5.14 Firewall ...107 6.5.15 IPSec VPN ...108 ...17 L2TP VPN ...109 6.5.18 Application Patrol 109 6.5.19 Anti-Virus ...110 6.5.20 IDP ...110 6.5.21 ADP ...110 6.5.22 Content Filter ...110 6.5.23 Anti-Spam ...111... 6.4.3 NAT Table Checking Flow 100 6.5 Feature Configuration Overview 101 6.5.1 Feature ...102 6.5.2 Licensing Registration 102 6.5.3 Licensing Update ...102 6.5.4 Interface ...103 6.5.5 Trunks ...103 6.5.6 Policy Routes ...103 6.5.7 Static...
User Guide
Page 53
...bridge interfaces. Static Route Create and manage IP static routing information. Licensing Registration Registration Register the device and activate trial services. OSPF Configure device...and manage trunks (groups of interfaces) for an installed wireless LAN card. ZyWALL USG 300 User's Guide 53 Table 7 Configuration Menu Screens Summary FOLDER OR LINK ...Configurator 3.3.2.3 Configuration Menu Use the configuration menu screens to define various policies. IDP/AppPatrol Update IDP signatures immediately or by a schedule. HTTP Redirect Set up and manage port...
...bridge interfaces. Static Route Create and manage IP static routing information. Licensing Registration Registration Register the device and activate trial services. OSPF Configure device...and manage trunks (groups of interfaces) for an installed wireless LAN card. ZyWALL USG 300 User's Guide 53 Table 7 Configuration Menu Screens Summary FOLDER OR LINK ...Configurator 3.3.2.3 Configuration Menu Use the configuration menu screens to define various policies. IDP/AppPatrol Update IDP signatures immediately or by a schedule. HTTP Redirect Set up and manage port...
User Guide
Page 54
... VoIP traffic. Black/White List Set up anti-virus policies and check the anti-virus engine type and the antivirus license and signature status. Policy Define rules to all connections. L2TP VPN L2TP VPN Configure L2TP Over IPSec VPN settings. Exempt...hub-and-spoke VPN). Other Manage other kinds of traffic. Profile Create and manage IDP profiles. Streaming Manage streaming traffic. Custom Signatures Create, import, or export custom signatures. 54 ZyWALL USG 300 User's Guide Firewall Firewall Create and manage level-3 traffic rules. Global Setting Configure ...
... VoIP traffic. Black/White List Set up anti-virus policies and check the anti-virus engine type and the antivirus license and signature status. Policy Define rules to all connections. L2TP VPN L2TP VPN Configure L2TP Over IPSec VPN settings. Exempt...hub-and-spoke VPN). Other Manage other kinds of traffic. Profile Create and manage IDP profiles. Streaming Manage streaming traffic. Custom Signatures Create, import, or export custom signatures. 54 ZyWALL USG 300 User's Guide Firewall Firewall Create and manage level-3 traffic rules. Global Setting Configure ...
User Guide
Page 102
...have to delete (or modify) all the policy routes that refer to services like antivirus, IDP and application patrol, more information about each screen. After you create the object PREREQUISITES you...on the network topology in the list of the prerequisites first, you have a valid 102 ZyWALL USG 300 User's Guide You may not have to delete the references to create a new object. ...if there are two uses for a VPN tunnel. There are no WHERE USED entry. 6.5.2 Licensing Registration Use these screens to configure this feature before you did not configure one . See the ...
...have to delete (or modify) all the policy routes that refer to services like antivirus, IDP and application patrol, more information about each screen. After you create the object PREREQUISITES you...on the network topology in the list of the prerequisites first, you have a valid 102 ZyWALL USG 300 User's Guide You may not have to delete the references to create a new object. ...if there are two uses for a VPN tunnel. There are no WHERE USED entry. 6.5.2 Licensing Registration Use these screens to configure this feature before you did not configure one . See the ...
User Guide
Page 103
... page 94 for bandwidth management (out of the features that use policy routes for background information. Most of the ZyWALL), port triggering, ZyWALL USG 300 User's Guide 103 MENU ITEM(S) Configuration > Network > Interface (except Network > Interface > Trunk) PREREQUISITES Port groups... Use policy routes to send packets through the appropriate interface or VPN tunnel. MENU ITEM(S) Configuration > Licensing > Update PREREQUISITES Registration (for anti-virus and IDP/application patrol), Internet access to a zone. To configure ge1's settings, click Network > Interface > ...
... page 94 for bandwidth management (out of the features that use policy routes for background information. Most of the ZyWALL), port triggering, ZyWALL USG 300 User's Guide 103 MENU ITEM(S) Configuration > Network > Interface (except Network > Interface > Trunk) PREREQUISITES Port groups... Use policy routes to send packets through the appropriate interface or VPN tunnel. MENU ITEM(S) Configuration > Licensing > Update PREREQUISITES Registration (for anti-virus and IDP/application patrol), Internet access to a zone. To configure ge1's settings, click Network > Interface > ...
User Guide
Page 110
...features (such as the source. 6.5.19 Anti-Virus Use anti-virus to detect and take action on viruses. MENU ITEM(S) Configuration > Anti-X > IDP PREREQUISITES Registration, zones 6.5.21 ADP Use ADP to detect and take action on traffic and protocol anomalies. MENU ITEM(S) Configuration > Anti-X > ADP...Basics Note: With this example, Bob would have already subscribed to the content filter service. 110 ZyWALL USG 300 User's Guide You must have to log in order to log in using the Licensing > Registration screens or one of the wizards. You must have to use the category-based ...
...features (such as the source. 6.5.19 Anti-Virus Use anti-virus to detect and take action on viruses. MENU ITEM(S) Configuration > Anti-X > IDP PREREQUISITES Registration, zones 6.5.21 ADP Use ADP to detect and take action on traffic and protocol anomalies. MENU ITEM(S) Configuration > Anti-X > ADP...Basics Note: With this example, Bob would have already subscribed to the content filter service. 110 ZyWALL USG 300 User's Guide You must have to log in order to log in using the Licensing > Registration screens or one of the wizards. You must have to use the category-based ...
User Guide
Page 231
...Version This is the IDentification number of the anti-virus or IDP signatures (anti-virus and IDP). Expiration If the service license is still applying the system configuration. Top 5 Viruses # ...ZyWALL successfully applied the system default configuration. Fallback to the lastgood.conf configuration file. The ZyWALL was successful. Booting in the list of the most commonly detected viruses. Name This identifies the licensed service. Occurrence This is the entry's rank in progress - Top 5 Intrusions # This is how many licensed services there are. ZyWALL USG 300...
...Version This is the IDentification number of the anti-virus or IDP signatures (anti-virus and IDP). Expiration If the service license is still applying the system configuration. Top 5 Viruses # ...ZyWALL successfully applied the system default configuration. Fallback to the lastgood.conf configuration file. The ZyWALL was successful. Booting in the list of the most commonly detected viruses. Name This identifies the licensed service. Occurrence This is the entry's rank in progress - Top 5 Intrusions # This is how many licensed services there are. ZyWALL USG 300...
User Guide
Page 284
... iCard for six months. The one-year ZyXEL engine anti-virus service subscription is automatically added to 18 months. 284 ZyWALL USG 300 User's Guide Anti-Virus Engines Subscribe to ...signature files for more SSL VPN tunnels. There is no limit on your earlier subscription is automatically extended to the new subscription. You must use anti-virus, IDP...of times you can also purchase and enter a license key to have the ZyWALL use the ZyXEL anti-virus iCard for the ZyXEL antivirus engine and the Kaspersky anti-virus iCard for...
... iCard for six months. The one-year ZyXEL engine anti-virus service subscription is automatically added to 18 months. 284 ZyWALL USG 300 User's Guide Anti-Virus Engines Subscribe to ...signature files for more SSL VPN tunnels. There is no limit on your earlier subscription is automatically extended to the new subscription. You must use anti-virus, IDP...of times you can also purchase and enter a license key to have the ZyWALL use the ZyXEL anti-virus iCard for the ZyXEL antivirus engine and the Kaspersky anti-virus iCard for...
User Guide
Page 286
... the license key in the Registration Service screen to web sites based on the network. Application patrol conveniently manages the use these categories. After the trial expires, you can have the ZyWALL block, block and/or log access to extend the service. Select ZyXEL's anti... Filter Category Service Apply You will get automatic e-mail notification of web sites based on content. The IDP and application patrol features use up -to the ZyWALL. 286 ZyWALL USG 300 User's Guide The content filter allows or blocks access to detect virus files. Anti-Virus Signature The...
... the license key in the Registration Service screen to web sites based on the network. Application patrol conveniently manages the use these categories. After the trial expires, you can have the ZyWALL block, block and/or log access to extend the service. Select ZyXEL's anti... Filter Category Service Apply You will get automatic e-mail notification of web sites based on content. The IDP and application patrol features use up -to the ZyWALL. 286 ZyWALL USG 300 User's Guide The content filter allows or blocks access to detect virus files. Anti-Virus Signature The...
User Guide
Page 288
... This field is blank when a service is activated (Licensed) or not (Not Licensed) or expired (Expired). This field does not apply to renew service license information (such as the registration status and expiration day). 288 ZyWALL USG 300 User's Guide If a standard service subscription runs out,...# This is the entry's position in this field also displays the type of anti-virus engine. Count License Upgrade License Key Service License Refresh You can use IDP/AppPatrol or Anti-Virus after the registration expires, you applied for a trial application (Trial) or registered...
... This field is blank when a service is activated (Licensed) or not (Not Licensed) or expired (Expired). This field does not apply to renew service license information (such as the registration status and expiration day). 288 ZyWALL USG 300 User's Guide If a standard service subscription runs out,...# This is the entry's position in this field also displays the type of anti-virus engine. Count License Upgrade License Key Service License Refresh You can use IDP/AppPatrol or Anti-Virus after the registration expires, you applied for a trial application (Trial) or registered...
User Guide
Page 289
...; Use the Configuration > Licensing > Update > Anti-virus screen (Section 12.2 on page 290) to update the anti-virus signatures. ZyWALL USG 300 User's Guide 289 Note: The ZyWALL does not have to update the signatures used for details on page 601 for IDP and application patrol. See Chapter... 34 on IDP. See Chapter 33 on page 585 for details on anti-virus. • Use the Configuration > Licensing > Update > IDP/...
...; Use the Configuration > Licensing > Update > Anti-virus screen (Section 12.2 on page 290) to update the anti-virus signatures. ZyWALL USG 300 User's Guide 289 Note: The ZyWALL does not have to update the signatures used for details on page 601 for IDP and application patrol. See Chapter... 34 on IDP. See Chapter 33 on page 585 for details on anti-virus. • Use the Configuration > Licensing > Update > IDP/...
User Guide
Page 291
...hour clock, so '23' means 11PM for the IDP and application patrol features. Click this option to the ZyWALL periodically if you have the ZyWALL check for minimal interruption. Click this option to download new packet inspection ZyWALL USG 300 User's Guide 291 You need to create an ... are new ones, the ZyWALL will then download them. The ZyWALL comes with signatures for example. Select this button to return the screen to its last-saved settings. 12.3 The IDP/AppPatrol Update Screen Click Configuration > Licensing > Update > IDP/AppPatrol to the ZyWALL. The time format is not...
...hour clock, so '23' means 11PM for the IDP and application patrol features. Click this option to the ZyWALL periodically if you have the ZyWALL check for minimal interruption. Click this option to download new packet inspection ZyWALL USG 300 User's Guide 291 You need to create an ... are new ones, the ZyWALL will then download them. The ZyWALL comes with signatures for example. Select this button to return the screen to its last-saved settings. 12.3 The IDP/AppPatrol Update Screen Click Configuration > Licensing > Update > IDP/AppPatrol to the ZyWALL. The time format is not...
User Guide
Page 292
... rule set . Signature Update Use these fields to have the ZyWALL check for new IDP signatures at the time and day specified. Auto Update Select this check box to have the ZyWALL automatically check for minimal interruption. ZyWALL USG 300 User's Guide Figure 265 Configuration > Licensing > Update > IDP/AppPatrol 292 The following fields display information on the current...
... rule set . Signature Update Use these fields to have the ZyWALL check for new IDP signatures at the time and day specified. Auto Update Select this check box to have the ZyWALL automatically check for minimal interruption. ZyWALL USG 300 User's Guide Figure 265 Configuration > Licensing > Update > IDP/AppPatrol 292 The following fields display information on the current...
User Guide
Page 293
Figure 266 Configuration > Licensing > Update > System Protect ZyWALL USG 300 User's Guide 293 The system-protection function is the 24 hour clock, so '23' means 11PM for example. The time format is part of the IDP feature. Reset Click this option to have the ZyWALL check for new IDP signatures once a week on the day and at the...
Figure 266 Configuration > Licensing > Update > System Protect ZyWALL USG 300 User's Guide 293 The system-protection function is the 24 hour clock, so '23' means 11PM for example. The time format is part of the IDP feature. Reset Click this option to have the ZyWALL check for new IDP signatures once a week on the day and at the...
User Guide
Page 570
... to improve SIPbased VoIP call sound quality. None displays when the service is activated (Licensed) or not (Not Status Licensed) or expired (Expired). Current Version This field displays the IDP signature and anomaly rule set is enhanced. Use the Common screen (shown here as ... is not activated. When this to maximize the throughput of the most commonly used web, file transfer and e-mail protocols. 570 ZyWALL USG 300 User's Guide Reset Click Reset to return the screen to its last-saved settings. 32.3 Application Patrol Applications Use the application patrol...
... to improve SIPbased VoIP call sound quality. None displays when the service is activated (Licensed) or not (Not Status Licensed) or expired (Expired). Current Version This field displays the IDP signature and anomaly rule set is enhanced. Use the Common screen (shown here as ... is not activated. When this to maximize the throughput of the most commonly used web, file transfer and e-mail protocols. 570 ZyWALL USG 300 User's Guide Reset Click Reset to return the screen to its last-saved settings. 32.3 Application Patrol Applications Use the application patrol...
User Guide
Page 602
... for a trial IDP subscription in the Registration screen (see Chapter 17 on page 409 for more information on network-based intrusions • See Section 34.6.2 on base profiles. Note: You can protect against. • See Section 34.7 on page 619 for details on page 612 for more information. 602 ZyWALL USG 300 User's Guide
... for a trial IDP subscription in the Registration screen (see Chapter 17 on page 409 for more information on network-based intrusions • See Section 34.6.2 on base profiles. Note: You can protect against. • See Section 34.7 on page 619 for details on page 612 for more information. 602 ZyWALL USG 300 User's Guide
User Guide
Page 603
If you don't have a standard license, you try to enable IDP when the IDP service has not yet been registered, a warning screen displays and IDP is not enabled. Note: You must register for traffic flowing in order to use packet inspection signatures. Edit...General Settings Enable Signature Detection You must register in the table. Chapter 34 IDP 34.2 The IDP General Screen Click Configuration > Anti-X > IDP > General to open this screen to turn IDP on or off trial one. ZyWALL USG 300 User's Guide 603 Use this screen. See the Registration screens. Add Click...
If you don't have a standard license, you try to enable IDP when the IDP service has not yet been registered, a warning screen displays and IDP is not enabled. Note: You must register for traffic flowing in order to use packet inspection signatures. Edit...General Settings Enable Signature Detection You must register in the table. Chapter 34 IDP 34.2 The IDP General Screen Click Configuration > Anti-X > IDP > General to open this screen to turn IDP on or off trial one. ZyWALL USG 300 User's Guide 603 Use this screen. See the Registration screens. Add Click...
User Guide
Page 604
.... Traffic direction is defined by the zone the traffic is using. 604 ZyWALL USG 300 User's Guide There's an initial free trial period for the service. Click this to a computer on another LAN computer on the same subnet. IDP Profile License License Status License Type Apply new Registration Signature Information Use the From field to specify the...
.... Traffic direction is defined by the zone the traffic is using. 604 ZyWALL USG 300 User's Guide There's an initial free trial period for the service. Click this to a computer on another LAN computer on the same subnet. IDP Profile License License Status License Type Apply new Registration Signature Information Use the From field to specify the...
User Guide
Page 920
... end of an individual help file. I cannot update the anti-virus signatures. • Make sure your ZyWALL has the IDP/application patrol service registered and that the license is working properly. • Check the WAN interface's status in the web help displays the same help screen.... You can try shrinking the browser window if this is connected to the Internet. 920 ZyWALL USG 300 User's Guide Purchase a new license if the license is expired. • Make sure your ZyWALL is an issue. Clicking different links in the Dashboard. Your computer should have a terminal emulation...
... end of an individual help file. I cannot update the anti-virus signatures. • Make sure your ZyWALL has the IDP/application patrol service registered and that the license is working properly. • Check the WAN interface's status in the web help displays the same help screen.... You can try shrinking the browser window if this is connected to the Internet. 920 ZyWALL USG 300 User's Guide Purchase a new license if the license is expired. • Make sure your ZyWALL is an issue. Clicking different links in the Dashboard. Your computer should have a terminal emulation...
User Guide
Page 921
...ZyWALL is not applying the custom policy route I configured. ZyWALL USG 300 User's Guide 921 Many security settings are usually applied to reboot when you assign it to the appropriate zones. The ZyWALL is not applying the custom firewall rule I configured security settings but the ZyWALL...name I downloaded updated anti-virus or IDP/application patrol signatures. Purchase a new license if the license is not expired. The ZyWALL checks the policy routes in the order that the traffic would also match. So make sure that your ZyWALL is not applying them for certain interfaces...
...ZyWALL is not applying the custom policy route I configured. ZyWALL USG 300 User's Guide 921 Many security settings are usually applied to reboot when you assign it to the appropriate zones. The ZyWALL is not applying the custom firewall rule I configured security settings but the ZyWALL...name I downloaded updated anti-virus or IDP/application patrol signatures. Purchase a new license if the license is not expired. The ZyWALL checks the policy routes in the order that the traffic would also match. So make sure that your ZyWALL is not applying them for certain interfaces...