Chapter 28 Application Patrol
ZyWALL USG 50 User’s Guide
446
28.1.3.5 FTP WAN to DMZ Bandwidth Management Example
ADSL supports more downstream than upstream so you allow remote users 300 kbps for uploads to the DMZ FTP server (outbound) but only 100 kbps for downloads (inbound).
Third highest priority (3).
Disable maximize bandwidth usage since you do not want to give FTP more bandwidth.
Figure 273 FTP WAN to DMZ Bandwidth Management Example
[Figure labels: BWM; Outbound: 300 kbps; Inbound: 100 kbps]
28.1.3.6 FTP LAN to DMZ Bandwidth Management Example
The LAN and DMZ zone interfaces are connected to Ethernet networks (not an ADSL device) so you limit both outbound and inbound traffic to 50 Mbps.
Fourth highest priority (4).
Disable maximize bandwidth usage since you do not want to give FTP more bandwidth.
Figure 274 FTP LAN to DMZ Bandwidth Management Example
[Figure labels: BWM; Outbound: 50 Mbps; Inbound: 50 Mbps]
28.2 Application Patrol General Screen
Use this screen to enable and disable application patrol. It also lists the
registration status and details about the signature set the ZyWALL is using.
Note: You must register for the IDP/AppPatrol signature service (at least the trial) before you can use it. See Section 10.1 on page 209 for how to register.
Click Configuration > App Patrol to open the following screen.
Figure 275 Configuration > App Patrol > General
The following table describes the labels in this screen. See Section 28.3.1 on page 449 for more information as well.
Table 129 Configuration > App Patrol > General
LABEL: DESCRIPTION
Enable Application Patrol: Select this check box to turn on application patrol.
Enable BWM: This is a global setting for enabling or disabling bandwidth management on the ZyWALL. You must enable this setting to have individual policy routes or application patrol policies apply bandwidth management. This same setting also appears in the Network > Routing > Policy Route screen. Enabling or disabling it in one screen also enables or disables it in the other screen.
Table 129 Configuration > App Patrol > General (continued)
LABEL: DESCRIPTION
Enable Highest Bandwidth Priority for SIP Traffic: Select this to maximize the throughput of SIP traffic to improve SIP-based VoIP call sound quality. This has the ZyWALL immediately send SIP traffic upon identifying it. When this option is enabled the ZyWALL ignores any other application patrol rules for SIP traffic (so there is no bandwidth control for SIP traffic) and does not record SIP traffic bandwidth usage statistics.
Registration: The following fields display information about the current state of your subscription for IDP/application patrol signatures.
Registration Status: This field displays whether a service is activated (Licensed) or not (Not Licensed) or expired (Expired).
Registration Type: This field displays whether you applied for a trial application (Trial) or registered a service with your iCard’s PIN number (Standard). None displays when the service is not activated.
Apply new Registration: This link appears if you have not registered for the service or only have the trial registration. Click this link to go to the screen where you can register for the service.
Signature Information: The following fields display information on the current signature set that the ZyWALL is using.
Current Version: This field displays the IDP signature and anomaly rule set version number. This number gets larger as the set is enhanced.
Released Date: This field displays the date and time the set was released.
Update Signatures: Click this link to go to the screen you can use to download signatures from the update server.
Apply: Click Apply to save your changes back to the ZyWALL.
Reset: Click Reset to return the screen to its last-saved settings.
28.3 Application Patrol Applications
Use the application patrol Common, Instant Messenger, Peer to Peer, VoIP, or Streaming screen to manage traffic of individual applications.
Use the Common screen (shown here as an example) to manage traffic of the most commonly used web, file transfer and e-mail protocols.
Click Configuration > App Patrol > Common to open the following screen.
Figure 276 Configuration > App Patrol > Common
The following table describes the labels in this screen. See Section 28.3.1 on page 449 for more information as well.
Table 130 Configuration > App Patrol > Common
LABEL: DESCRIPTION
Edit: Double-click an entry or select it and click Edit to open a screen where you can modify the entry’s settings.
Activate: To turn on an entry, select it and click Activate.
Inactivate: To turn off an entry, select it and click Inactivate.
#: This field is a sequential value, and it is not associated with a specific application.
Status: The activate (light bulb) icon is lit when the entry is active and dimmed when the entry is inactive.
Service: This field displays the name of the application.
Default Access: This field displays what the ZyWALL does with packets for this application. Choices are: forward, drop, and reject.
Apply: Click Apply to save your changes back to the ZyWALL.
Reset: Click Reset to return the screen to its last-saved settings.
28.3.1 The Application Patrol Edit Screen
Use this screen to edit the settings for an application. To access this screen, go to the application patrol Common, Instant Messenger, Peer to Peer, VoIP, or Streaming screen and click an application’s Edit icon. The screen displayed here is for the MSN instant messenger service.
Figure 277 Application Edit
The following table describes the labels in this screen.
Table 131 Application Edit
LABEL: DESCRIPTION
Service
Enable Service: Select this check box to turn on patrol for this application.
Service Identification
Name: This field displays the name of the application.
Classification: Specify how the ZyWALL should identify this application. Choices are:
Auto - the ZyWALL identifies this application by matching the IP payload with the application’s pattern(s).
Service Ports - the ZyWALL identifies this application by looking at the destination port in the IP header.
Service Port: This is available if the Classification is Service Ports. You can view and edit the list of ports used to identify this application.
Add: Click this to create a new entry.
Edit: Select an entry and click this to be able to modify it.
Remove: Select an entry and click this to delete it.
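An added illustration, not taken from the ZyWALL guide or firmware, of how the two Classification choices in Table 131 can reach different verdicts for the same flow. The patterns, port lists and sample flows are constructed assumptions, not the device's signatures.

```python
import re

# Hypothetical, simplified stand-ins for application signatures; the ZyWALL's
# real IDP/AppPatrol patterns are not given on this page.
PAYLOAD_PATTERNS = {
    "ftp": re.compile(rb"^(220[ -].*\r\n|(USER|PASS) \S+\r\n)", re.S),
    "http": re.compile(rb"^(GET|POST|HEAD) \S+ HTTP/1\.[01]\r\n"),
}
# Port lists as an administrator might enter them under Service Port (assumed values).
SERVICE_PORTS = {"ftp": {21}, "http": {80}}

def classify_service_ports(dst_port):
    """'Service Ports' mode: only the destination port is examined."""
    for app, ports in SERVICE_PORTS.items():
        if dst_port in ports:
            return app
    return None

def classify_auto(payload):
    """'Auto' mode: the first payload bytes are matched against patterns."""
    for app, pattern in PAYLOAD_PATTERNS.items():
        if pattern.search(payload):
            return app
    return None

# Constructed sample flows: (description, destination port, first payload bytes).
FLOWS = [
    ("FTP on its usual port", 21, b"220 ftp.example.test ready\r\n"),
    ("FTP moved to port 2121", 2121, b"USER alice\r\n"),
    ("HTTP sent to port 21", 21, b"GET /index.html HTTP/1.1\r\n"),
    ("opaque data on port 80", 80, b"\x16\x03\x01\x02\x00\x01"),
]

def compare(flows):
    """Return (description, port verdict, payload verdict) per flow."""
    return [(d, classify_service_ports(p), classify_auto(data)) for d, p, data in flows]

if __name__ == "__main__":
    for desc, by_port, by_payload in compare(FLOWS):
        flag = "" if by_port == by_payload else "  <- modes disagree"
        print(f"{desc:26} ports={by_port!s:5} auto={by_payload!s:5}{flag}")
```

Flows where the two columns disagree are the ones to review when deciding which Classification to use for a policy with a restrictive Default Access.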
