Security Service - Zyxel Community

How to achieve a seamless migration with the latest Firewall Configuration Converter?
We are excited to announce the launch of our latest Configuration Converter, available starting now! This powerful tool is designed to simplify and streamline your configuration migration, ensuring a smooth and efficient transfer process. Whether you're upgrading from Zyxel USG FLEX/ATP to USG FLEX H, migrating USG to ATP,…
How to mitigate DDoS Attacks?
Over the past few days, users have been subjected to a significant DDoS (Distributed Denial of Service) attack, causing widespread outages. The following signs will help you recognize if this is the case: If you have experienced the following problems in the past few days you have likely been subjected to a DDoS attack:…
What is the difference between IPS Prevention Mode and Detection Mode?
Question: What is the difference between IPS Prevention Mode and Detection Mode? Answer: Detection Mode Purpose: Monitors traffic and logs any suspicious activity without taking action to block or drop it. Behavior: Logs threats or events for administrator review. Does not interfere with traffic flow. Use Case: Useful…
Is a license required to block streaming sites?
Question: Is a license required to block streaming sites? Answer: To block streaming sites, we suggest you use App Patrol and Content Filtering. Application Patrol license and Web Filtering license are required. App Patrol: You can use App Patrol to block specific applications like BBC iPlayer. Create an application object…
What's the format of the external block list?
Question: What's the format of the external block list Answer: • Single IP 4.4.4.4 • CIDR 192.168.1.0/32 • IP range (1.2.3.4-1.2.3.100) If the external block list file contains any invalid entries, the Zyxel Device will not use the file.
Why Top 5 Applications and Top 5 Category on Security Dashboard were greyed out?
Question: Why Top 5 Applications and Top 5 Category on Security Dashboard were greyed out? Answer: Top 5 Applications display data when APP Patrol is used. Top 5 Categories display data when Content Filter is used.
Is it possible to bypass UTM feature by Domain name?
Symptom: Is it possible to bypass UTM feature by Domain name? Answer: Currently we only support "IP" as overall exception, You can only add the domain name allowed list to the content filter as well as DNS/URL threat filter.
How to enable a log for wan interface when the wan drops?
Question: How to enable a log for the WAN interface when the WAN drops? Answer: You can create a Policy Control rule to achieve this. For example: From: WAN, To: ZyWALL, Service: Any, Action: deny, Log Action: Log This rule will drop all incoming traffic from WAN to the firewall. To prevent this rule from affecting…
Client cannot access website through FLEX H sereis
Question: Client cannot access website through FLEX H sereis, It said DNS can't resovled, but the domain can be resolved through nslookup/dig Root cause: This is beacuse you used DNS over HTTPS, You would find queiry type65 in packets capture, such like ethertype IPv4 (0x0800), length 70: 192.168.121.33.47647 > 8.8.8.8.53:…
How to disable Sandbox on USG FLEX H?
Question: How to disable Sandbox on USG FLEX H? Answer: Go to Security Services > Sandbox, turn off the option "Enable Sandbox"
How to limit the use of an application (like Facebook) only to some devices on the network?
Question: How to limit the use of an application (like Facebook) only to some devices on the network? Answer: Create an APP patrol profile with allowing facebook. Please note taht the action is forward Apply the AAP patrol profile to a security policy You can specify source IP or user account as criteria
Priority of Security Policy and Application Patrol?
Application Patrol allows administrators to create profiles containing different applications that needs to be blocked. These application profiles are assigned to security policies in order to match traffic criteria. Both actions are in effect, however, the Security Policy action takes precedence over Application Patrol…
What Happens to Expired Secure WiFi Licenses?
When the USG FLEX H's Secure WiFi license expired: The number of managed APs will revert to the default of 8. All online APs will be disconnected and the first 8 that reconnect to the Firewall will become managed APs. Other APs show as disconnected in firewall but stay in managed mode with last provision retained. To know…
Maximum Number of Managed APs with USG FLEX H
The USG FLEX H can manage 8 access points by default. With a Secure WiFi license, this capacity can be upgraded to the maximum supported number of managed APs (with uOS v1.32): USG FLEX 50H/ 50HP: 12 APs USG FLEX 50H/ 50HP: 24 APs USG FLEX 50H/ 50HP: 40 APs USG FLEX 50H/ 50HP: 72 APs USG FLEX 50H/ 50HP: 520 APs
How to setup Security Services to block website on USG FLEX H on Nebula?
Security Services The Security Services on FLEX H firewall could help to protect your network to prevent clients to accessing unsafe websites. Also you can prevent your client to accessing selected web site by Content Filter , Application Patrol services. This is an example to setup Content Filter and Application Patrol…
How do I clean the Anti-Malware statistics using the CLI on the USG Flex H/HP model?
Question: How do I clean the Anti-Malware statistics using the CLI on the USG Flex H/HP model? Answer: The user can use the CLI command "cmd anti-malware-statistics-flush" to clean the Anti-Malware statistics on the USG Flex H/HP model.
How do I check the MD5 hash block list of Anti-Malware using CLI?
Question: How do I check the File Name Pattern block list of Anti-Malware using CLI? Answer: The user can use the CLI command "show config vrf main anti-malware block-list file-name-pattern" to check the File Name Pattern block list of Anti-Malware.
How do I check the MD5 hash block list of Anti-Malware using CLI?
Question: How do I check the MD5 hash block list of Anti-Malware using CLI? Answer: The user can use the CLI command "show config vrf main anti-malware block-list md5-hash" to check the MD5 hash block list of Anti-Malware.
How do I check the block list enabled status of Anti-Malware using CLI?
Question: How do I check the block list enabled status of Anti-Malware using CLI? Answer : The user can use the CLI command "show config vrf main anti-malware block-list enabled" to check the block list enabled status of Anti-Malware.
What is the meaning of the Threshold of Flood Detection in DoS prevention?
Question : What is the meaning of the Threshold of Flood Detection in DoS prevention? Answer : Threshold means the number of packets per second that match the flood detection criteria. For instance, if over 1000 ICMP packets are sent from an IP address per second, the IP will be blocked by the ICMP Flood protection of DoS…
How can I export the Content Filter-related logs from Log/Events on the USG Flex H model?
Question: How can I export the Content Filter-related logs from Log/Events on the USG Flex H model? Answer : The user can navigate to the GUI path Log & Report > Log/Events and export the log messages related to Content Filter. Once the user downloads the log file, they can open it to review the details.
How can I check the count number of Anti-Malware statistics on USG Flex H models using the CLI?
Question: How can I check the count number of Anti-Malware statistics on USG Flex H models using the CLI? Answer : The user can use the following CLI command to check the count number of Anti-Malware statistics : show state vrf main anti-malware statistics summary malware-detected-count

Welcome!

It looks like you're new here. Sign in or register to get started.