ADP hits are sporadical, rarely from same IP. Do you add the IP's to blocking rules?

Zyxel_USG_User
Zyxel_USG_User Posts: 6  Freshman Member
First Comment

Please elaborate a bit why yes respectively no, thank you.

Accepted Solution

  • Zyxel_Kay
    Zyxel_Kay Posts: 1,204  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - WLAN Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security
    edited August 21 Answer ✓

    Hi @Zyxel_USG_User

    The firewall processes packets by first checking them against the ADP (Anomaly Detection & Prevention) rules. If a packet is blocked by ADP, there's no need to create additional security policies for that specific traffic. The ADP effectively takes precedence, so setting up redundant blocking rules in your security policy isn't necessary.

    To assist you further, could you please provide the following details:

    • The specific concerns or issues you're experiencing with ADP hits.
    • A description of your current configuration settings.
    • If possible, please share your device's diagnostic file with us via private message.
    • A screenshot of the relevant event logs to help us better understand the situation.

    Kay

    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

All Replies

  • Zyxel_Kay
    Zyxel_Kay Posts: 1,204  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - WLAN Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security
    edited August 21 Answer ✓

    Hi @Zyxel_USG_User

    The firewall processes packets by first checking them against the ADP (Anomaly Detection & Prevention) rules. If a packet is blocked by ADP, there's no need to create additional security policies for that specific traffic. The ADP effectively takes precedence, so setting up redundant blocking rules in your security policy isn't necessary.

    To assist you further, could you please provide the following details:

    • The specific concerns or issues you're experiencing with ADP hits.
    • A description of your current configuration settings.
    • If possible, please share your device's diagnostic file with us via private message.
    • A screenshot of the relevant event logs to help us better understand the situation.

    Kay

    See how you've made an impact in Zyxel Community this year! https://bit.ly/Your2024Moments_Community

Security Highlight