Disable UTM for specific device
Hello. Our usg60 is connected to the internet via 1GBit/s FTTH symmetric. We have 1 public IP. The device runs as max security with UTM enabled. It works fine. Max speed behind the firewall is around 90MBit/s.
Now there will be one new device behind the firewall which needs maximum speed, not maximum security. How could we achieve that device to get the full 1GBit/s bypassing UTM?
Accepted Solution
-
Hello @swissmawi Welcome to Zyxel commnity!
UTM service includes APP Patrol, Content Filter, IDP, and anti-virus. All of them request to create a profile and then apply it to a policy rule. So to bypass a specific host from UTM service, you just make sure the host does not correspond to the policy rule.
For example, when you apply a UTM service to LAN1_outgoing rule, if the host is in LAN1, the traffic from the host must be detected by the UTM service. The solution is to create a new rule with a higher priority for the specific host, and don't apply any UTM service to this rule.
Please refer to the screenshot below, 192.168.1.100 is the host needs to bypass the UTM service, so I create a new rule for this host and does not apply any UTM service to it.
0
Zyxel Employee
All Replies
-
Hello @swissmawi Welcome to Zyxel commnity!
UTM service includes APP Patrol, Content Filter, IDP, and anti-virus. All of them request to create a profile and then apply it to a policy rule. So to bypass a specific host from UTM service, you just make sure the host does not correspond to the policy rule.
For example, when you apply a UTM service to LAN1_outgoing rule, if the host is in LAN1, the traffic from the host must be detected by the UTM service. The solution is to create a new rule with a higher priority for the specific host, and don't apply any UTM service to this rule.
Please refer to the screenshot below, 192.168.1.100 is the host needs to bypass the UTM service, so I create a new rule for this host and does not apply any UTM service to it.
0 -
Thanks for the clear and complete answer. This is really helpful.
0
Categories
- All Categories
- 414 Beta Program
- 2.2K Nebula
- 130 Nebula Ideas
- 88 Nebula Status and Incidents
- 5.4K Security
- 166 USG FLEX H Series
- 255 Security Ideas
- 1.4K Switch
- 71 Switch Ideas
- 999 Wireless
- 36 Wireless Ideas
- 6.2K Consumer Product
- 233 Service & License
- 370 News and Release
- 77 Security Advisories
- 24 Education Center
- 5 [Campaign] Zyxel Network Detective
- 2.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 80 About Community
- 69 Security Highlight
