Priority of Security Policy and Application Patrol?
Zyxel Employee
Application Patrol allows administrators to create profiles containing different applications that needs to be blocked. These application profiles are assigned to security policies in order to match traffic criteria.
Both actions are in effect, however, the Security Policy action takes precedence over Application Patrol actions. The following examples illustrate this priority relationship:
Example 1
Configuration
- Application Patrol "App-Profile-01" is set to Drop applications in the Game category
- "App-Profile-01" is assigned to a security policy that Allows traffic from 192.168.1.0/24 to Any
Result
A client at 192.168.1.33 cannot access Game applications but can still connect to YouTube and other Audio/Video category applications.
Example 2
Configuration
- Application Patrol "App-Profile-01" is set to Allow applications in the Game category
- "App-Profile-01" is assigned to a security policy that Drops traffic from 192.168.1.0/24 to Any
Result
A client at 192.168.1.33 cannot access Game applications or YouTube and other Audio/Video category applications…, as the security policy's Drop action takes precedence.
Zyxel_Judy
Categories
- All Categories
- 435 Beta Program
- 2.7K Nebula
- 183 Nebula Ideas
- 120 Nebula Status and Incidents
- 6.2K Security
- 440 USG FLEX H Series
- 299 Security Ideas
- 1.6K Switch
- 80 Switch Ideas
- 1.2K Wireless
- 44 Wireless Ideas
- 6.7K Consumer Product
- 276 Service & License
- 433 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 84 About Community
- 91 Security Highlight