ZyXEL USG110/210/310 User Guide - Page 773
Exclude List Screen
Chapter 41 SSL Inspection

Table 283 Configuration > UTM Profile > SSL Inspection > Profile > Add / Edit (continued)

LABEL: DESCRIPTION

Action: To edit what action the Zyxel Device takes when a packet matches a signature, select the signature and use the Action icon.
    none: Select this action on an individual signature or a complete service group to have the Zyxel Device take no action when a packet matches the signature(s).
    drop: Select this action on an individual signature or a complete service group to have the Zyxel Device silently drop a packet that matches the signature(s). Neither sender nor receiver is notified.
    reject-sender: Select this action on an individual signature or a complete service group to have the Zyxel Device send a reset to the sender when a packet matches the signature. If it is a TCP attack packet, the Zyxel Device will send a packet with a 'RST' flag. If it is an ICMP or UDP attack packet, the Zyxel Device will send an ICMP unreachable packet.
    reject-receiver: Select this action on an individual signature or a complete service group to have the Zyxel Device send a reset to the receiver when a packet matches the signature. If it is a TCP attack packet, the Zyxel Device will send a packet with a 'RST' flag. If it is an ICMP or UDP attack packet, the Zyxel Device will do nothing.
    reject-both: Select this action on an individual signature or a complete service group to have the Zyxel Device send a reset to both the sender and receiver when a packet matches the signature. If it is a TCP attack packet, the Zyxel Device will send a packet with a 'RST' flag to the receiver and sender. If it is an ICMP or UDP attack packet, the Zyxel Device will send an ICMP unreachable packet.

#: This is the entry's index number in the list.

Status: The activate (light bulb) icon is lit when the entry is active and dimmed when the entry is inactive.

SID: Type the exact signature ID (identification) number that uniquely identifies a Zyxel Device IDP signature.

Log: These are the log options. To edit this, select an item and use the Log icon.

Action: This is the action the Zyxel Device should take when a packet matches a signature here. To edit this, select an item and use the Action icon.

OK: Click OK to save your settings to the Zyxel Device, and return to the profile summary page.

Cancel: Click Cancel to return to the profile summary page without saving any changes.

41.3 Exclude List Screen

There may be privacy and legality issues regarding inspecting a user's encrypted session. The legal issues may vary by locale, so it's important to check with your legal department to make sure that it's OK to intercept SSL traffic from your Zyxel Device users.

To ensure individual privacy and meet legal requirements, you can configure an exclusion list to exclude matching sessions to destination servers. This traffic is not intercepted and is passed through uninspected.

Click Configuration > UTM Profile > SSL Inspection > Exclude List to display the following screen. Use Add to put a new item in the list or Edit to change an existing one or Remove to delete an existing entry.

ZyWALL USG Series User's Guide 773