USG FLEX H models: security services by policy?

The previous ATP and USG FLEX models could be switched to inspection by policy ("secure-policy-style advance") instead of using IP exception to exclude the unwanted services.

The table in Firmware Release Note V1.10 doesn't mention this feature as not yet supported, but I haven't found it nonetheless. Is the function really missing?

Comments

  • Zyxel_James
    Zyxel_James Posts: 553
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers
     Zyxel Employee

    Hello @PhilippeB
    USGFLEX H firewall also can select the SSL inspection profile by the policy, and IP exception is there too.
    I don't quite understand your question, could you rephrase it again? What's the exact feature you asking for in the H series?

  • I'll explain it with some screenshots. In the previous models it was possible to link each of the security services individually to one or more security policies:

    This function makes it much easier to set up complex scenarios and keep a simple overview. Without this function, unneeded or even interfering security services must be laboriously bypassed with quite a number of IP Exception rules. There, the logging options are also limited (e.g. no log alert in IP Exception rules).

    With the H series, only these three security services canbe linked individually:

    All the other security service like IPS have to be enabled or disabled globally:

    This simplified approach may be good for SOHO administrators. In more complex networks, this simplification is counterproductive.

    So the question is: will this important function return?

  • Zyxel_James
    Zyxel_James Posts: 553
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers
     Zyxel Employee

    @PhilippeB Currently, this feature is not in the roadmap for uOS.

    I will put this suggestion into ideation for further evaluation.

  • p4_greg
    p4_greg Posts: 10
    First Comment Friend Collector First Anniversary
     Freshman Member

    When trying to up-vote this, I am getting error : "Category is not configured for ideation"

Security Highlight