Security Service - Zyxel Community

How to clean the Content Filter's cache by the CLI ?
Scenario : The user may encounter a situation where the Content Filter is not working (for example, a website that should be blocked is accessible) due to a caching issue. This article will guide you on how to resolve it. Answer : STEP1. Please log in to the firewall via console or SSH and enter the command below to clear…
Why does an SF_CB_IP-related security policy appear in the event log?
Question : Why is there an SF_CB_IP-related security policy event log? For instance, the source IP 10.10.123.33 was blocked by the security policy"SF_CB_10.10.123.33". However, there is no security policy called "SF_CB_10.10.123.33". Answer : The event log message 'SF_CB' stands for Security Firewall_Client Block. The…
How to check historically suspicious IP addresses using the Country Map in Secureporter?
Question: The Nebula firewall may detect some security-related events, and users may want to check historically suspicious source IPs using the Country Map feature in Secureporter. This article will guide you on how to do that. Answer : The Nebula user can select the SecuReporter icon to be redirected to the SecuReporter…
[ATP/FLEX] How to update Domain and URL category for a website?
Question: An URL is not classified in the correct category. How to update Domain and URL category for a website? Answer: If you think the category is incorrect, visit the link to submit a request to review it. http://sitereview2.cloud.zyxel.com/
Can I get a complete list of URLs registered in the Content Filter category of Nebula?
Question: Can I get a complete list of URLs registered in the Content Filter category of Nebula? Answer: Because the list of categorized URLs changes over time, it is hard to obtain the full database content directly. However, you can still query individual URLs in Nebula to check their category.
Is there an info of cpu&usage on nebula for SCR 50AXE & USG LITE 60AX
The SCR 50AXE and USG LITE 60AX do not support displaying CPU and usage information on Nebula
[ATP/FLEX] Does the Allow list of Anti-Malware support MD5 hash values in the Nebula firewall?
Question : Does the Allow list of Anti-Malware support MD5 hash values in the Nebula firewall? Answer : Yes, in addition to file names, the Allow list of Anti-Malware also supports MD5 hash values in the Nebula firewall. For example, the user can add both the file name and the hash value to the Allow list, as shown below:
[ATP/FLEX] How to avoid false positive detection by Anti-Malware in the Nebula firewall?
Scenario : If a user encounters a false positive detection by Anti-Malware in the Nebula firewall, how can this be avoided? Answer : For instance, if a user downloads a file called 'office.exe' but it fails due to being blocked by Anti-Malware (the user can find the blocked log message under Site-wide > Monitor > Firewall…
[ATP/FLEX] Why the firewall rule set to WAN to Any,but cannot block Geo IP to establish VPN?
Question : Why is the firewall rule set to WAN to Any, but it cannot block Geo IP from establishing a VPN, as shown below? Answer : Because the direction 'Any' doesn't include 'Device', the VPN traffic (UDP 500 and 4500) will still be passed to the firewall normally and won't be dropped by the security. To avoid this,…
[ATP/FLEX] How to check the IP belongs to which country by CLI?
Scenario : The user can use the CLI to check which country an IP address belongs to. This FAQ will guide you on how to perform this check. Answer : Please login to the device via SSH or console serial cable and issue the CLI command "show geo-ip geography address IP address". For instance, we issued the CLI command "show…
[ATP/FLEX]How can I allow Geo-IP to access the internal client via NAT?
Scenario : If the user wants to allow Geo-IP to access the internal client via NAT, how should it be configured? Answer : First, please navigate to Site-Wide > Configure > Firewall > NAT to add a NAT rule. Second, please navigate to Site-wide > Configure > Firewall > Security policy to add a security policy to allow the…
[ATP/FLEX]How can I block VPN services on Nebula firewall?
Scenario : If the user wants to block the VPN services on Nebula firewall? How to configure it? Answer : Please navigate to Site-wide > Configure > Firewall > Security policy to add a security policy to deny traffic from any source to the device for UDP 500 and UDP 4500 ports.
[ATP/FLEX] Is it possible for users to bypass the content filter?
Scenario : If the user creates a security policy that applies the Content Filter but still wants to allow a specific user to bypass the Content Filter's detection, how can this be configured? Answer : Please navigate to Site-wide > Configure > Firewall > Security service > IP Exception to add the specific source IP to…
[ATP/FLEX]Only can add one FQDN in polciy route
Question: I'm trying to set up FQDN routing addresses on my Nebula device, for instance, *.yahoo.com and *.hinet.com. I can add the first one, but I'm unable to add the second one. What should I do? Answer: This behavior is normal and is described in the online help documentation. Our system allows only one FQDN entry per…
[ATP/FLEX] Why are policy routes grayed-out and uneditable?
Question: I have policy routes that cannot be deleted, edited, or modified. They appear grayed-out on Nebula. Answer: The policy routes which are grayed-out are configured with "application" settings that require an active UTM license. In this particular case, the UTM security pack license on the Nebula firewall has…
How do I synchronize my security UTM across my sites or organizations?
Question: How do I synchronize my security UTM across my sites or organizations? Answer: You can use the feature Security Profile Sync to share the same Security service configuration with multiple sites in an organization. It would replace the Security Service settings configured for each site. Go to Organization-wide >…
[Nebula]How to Unblock an App from Application Usage if We Don't Want to Block a Category
Question How to unblock an app from application usage if we don't want to block a category? Answer We can switch to the application view to block/unblock a specific application if we don't want to apply changes to the whole application category. Site-wide > Applications usage
DNS Safe Search
DNS Safe Search Introduction DNS Safe Search is a feature designed to enhance content filtering on firewalls by automatically enforcing safe search mode on popular search engines. This feature ensures that inappropriate or adult-oriented content is filtered out when users perform web searches. DNS Safe Search is currently…
[Nebula] Why is Anti-Malware signature not updating?
Question : Users may encounter situations where the antivirus signature cannot be updated normally. This article will guide you on how to resolve this issue. Answer : Please use the CLI command "show anti-virus signatures status" to check if the Anti-Virus signature version and release date are up-to-date or not, as shown…
[ATP/FLEX]How to find which country the IP located
Log in Fireawall by SSH and perform the following command Router# configure terminal Router(config)# show geo-ip geography address {IP} For example:

Welcome!

It looks like you're new here. Sign in or register to get started.