-
An easier way to input a large list of blocked IPs
If you want to block a large list of addresses from accessing your firewall, but don't want to create the address objects one by one, you can do it by editing the configuration directly. Solution: a. Download the startup-config.conf and open the .conf file in a text editor b. Find the configuration of address-object and…
-
How to configure ADP block IP time period?
Background and Scenario: Is it possible to limit the tries from a certain IP to a port forward on the USG FLEX series? For example, if someone sends a DoS to an open port and tries 5 times in a short amount of time, that IP is blocked for 1 hour. Answer: You could configure the block period to 3600 seconds on the…
-
How to solve the issue that GEO-IP blocks internal LAN IP that belongs to a certain Geo Region IP?
The administrator wants to block web GUI access from Venezuela, so the following security policy is created. However, GEO-IP blocks internal LAN IPs because the LAN subnet has the same IP range as a certain Geo Region IP. How to solve this issue if it is impossible to change the LAN IP address? Suppose you'd like to block…
-
How to capture IPS packets for false positive analyzing?
Scenario: An IPS false positive occurs when the IPS detects an activity as malicious that has been mistakenly identified as an attack. Sometimes this has a negative impact on business. If we would like to report a false positive event/ID to Zyxel support, we need to provide related information/logs for analysis. This…
-
How to resolve Anti-Malware and Sandboxing false positive case
Sometimes when you execute a program update, such as Windows Update and antivirus software, you may encounter a situation where Anti-Malware or Sandboxing tells you it's a suspicious or malicious program, so the firewall drops it, leading to a download error. But you have confirmed that it's a legitimate file, it…
-
How to block YouTube access by schedule
This is an example of using the USG Flex/ATP to block YouTube access by schedule. You can use Application Patrol and a security policy with schedule settings to make sure that YouTube cannot be accessed in your network at a specific prohibited time. This article will guide you on how to deploy it. USG Flex/ATP with…
-
How to check Content Filter service when it is not working as expected
The device has a valid content filter license and the content filter service is enabled. However, you find that some sites still bypass the inspection and are not being blocked when they should be. The article explains how to troubleshoot when Content Filter is not working as expected. Web Content Filtering Process 1. A user enters…
-
How to configure Device Insight
Device Insight continuously monitors the network to detect wired and wireless devices, collect their information, and classify them into specific categories or operating systems. It helps users easily discover and manage devices. Enable Device Insight and create profile: In the Web GUI, go to…
-
How to configure Email Security for Phishing mail?
The following depicts a sample configuration of Email Security for phishing mail. Phishing is a type of online scam where criminals send an email with a fake website and ask you to provide sensitive information. An example of a phishing attack: 1. Attacker creates a fake banking website which copies the content from real…
-
How to Configure an Email Security Policy with Mail Scan and DNSBL on ATP?
This is an example of using ATP Series’ UTM Profile to mark or discard spam (unsolicited commercial or junk e-mail). Use the Email Security white list to identify legitimate e-mail. Use the Email Security black list to identify spam e-mail. The ATP Series can also check e-mail against a DNS Black List (DNSBL) of IP…
-
How do I exclude some domains to let traffic pass through uninspected?
You can configure an exclusion list to exclude matching sessions to destination servers. This traffic is not intercepted and is passed through uninspected. CONFIGURATION > UTM Profile > SSL Inspection > Exclude List. Here is another simple way to add an exclude list. You can also go to Monitor > UTM Statistics > SSL Inspection…
-
How To Configure an Anti-Spam Policy with Mail Scan and DNSBL?
This is an example of using ZyWALL/USG UTM Profile to mark or discard spam (unsolicited commercial or junk e-mail). Use the Anti-Spam white list to identify legitimate e-mail. Use the Anti-Spam black list to identify spam e-mail. The ZyWALL/USG can also check e-mail against a DNS Black List (DNSBL) of IP addresses of…
-
There is no report on the report server if Category Service is not enabled in the profile
"Custom Service" only sets a local check and doesn't trigger report sending. Without "Enable Content Filter Category Service", there will be no reports on the report server. You must enable "Enable Content Filter Category Service" to force the CF engine to run a query to get the content filter result.
-
Can we block access for YouTube streaming only?
Add YouTube (media) in the application block rule. This way, users can access the YouTube website but they are not allowed to watch the videos.
-
How to block HTTPS websites using Content Filtering and SSL Inspection?
SCENARIO DESCRIPTION: How to block HTTPS websites using Content Filtering and SSL Inspection? This is an example of using a ZyWALL/USG Content Filtering, SSL Inspection and Security Policy to block access to malicious or not business-related websites. Note: All network IP addresses and subnet masks are used as examples in…
-
How can I block https://www.facebook.com?
QUESTION If I block Facebook via the Content Filter, it works for http but not for https. We still can access Facebook via https. What can I do to block https://www.facebook.com? ANSWER Content Filter is used to block URLs. If we set up Facebook in the black list, it can only reject the traffic of http. We have to use…