USG FLEX H models: security services by policy?

PhilippeB · November 3

The previous ATP and USG FLEX models could be switched to inspection by policy ("secure-policy-style advance") instead of using IP exception to exclude the unwanted services.

The table in Firmware Release Note V1.10 doesn't mention this feature as not yet supported, but I haven't found it nonetheless. Is the function really missing?

Zyxel_James · November 7

Hello @PhilippeB
USGFLEX H firewall also can select the SSL inspection profile by the policy, and IP exception is there too.
I don't quite understand your question, could you rephrase it again? What's the exact feature you asking for in the H series?

PhilippeB · November 9

I'll explain it with some screenshots. In the previous models it was possible to link each of the security services individually to one or more security policies:

This function makes it much easier to set up complex scenarios and keep a simple overview. Without this function, unneeded or even interfering security services must be laboriously bypassed with quite a number of IP Exception rules. There, the logging options are also limited (e.g. no log alert in IP Exception rules).

With the H series, only these three security services canbe linked individually: