Filter
Top Products
Chapter 6 Device Security Settings
Vantage CNM User’s Guide
167
6.10 Signature Update
The device comes with built-in signatures created by the ZyXEL Security Response Team
(ZSRT). These are regularly updated as new intrusions evolve. Use the Update screen to
immediately download or schedule new signature downloads.
" You should have already registered the device at myZyXEL.com (http://
www.myzyxel.com/myzyxel/) and also have either activated the trial license or
standard license (iCard). If your license has expired, you will have to renew it
before updates are allowed.
When scheduling signature updates, you should choose a day and time when your network is
least busy so as to minimize disruption to your network. Your custom signature configurations
are not over-written when you download new signatures.
File-based anti-virus signatures (see the anti-virus chapter) are included with IDP signatures.
When you download new signatures using the anti-virus Update screen, IDP signatures are
also downloaded. The version number changes both in the anti-virus Update screen and this
screen. Both screens also share the same Auto-Update schedule. Changes made to the
schedule in one screen are reflected in the other.
" The device does not have to reboot when you upload new signatures.
Action Select what the selected device should do when a packet matches a rule.
No Action: The selected device takes no action when a packet matches the
signature(s).
Drop Packet: The packet is silently discarded.
Drop Session: When the firewall is enabled, subsequent TCP/IP packets
belonging to the same connection are dropped. Neither sender nor receiver are
sent TCP RST packets. If the firewall is not enabled only the packet that matched
the signature is dropped.
Reset Sender: When the firewall is enabled, the TCP/IP connection is silently torn
down. Just the sender is sent TCP RST packets. If the firewall is not enabled only
the packet that matched the signature is dropped.
Reset Receiver: When the firewall is enabled, the TCP/IP connection is silently
torn down. Just the receiver is sent TCP RST packets. If the firewall is not enabled
only the packet that matched the signature is dropped.
Reset Both: When the firewall is enabled, the TCP/IP connection is silently torn
down. Both sender and receiver are sent TCP RST packets. If the firewall is not
enabled only the packet that matched the signature is dropped.
Apply Click this button to save your changes back to the device.
Reset Click this button to begin configuring this screen afresh.
Table 67 Device Operation > Device Configuration > Security > IDP > Anomaly (continued)
TYPE DESCRIPTION