Priority of Security Policy and Application Patrol?
Zyxel Employee
Application Patrol allows administrators to create profiles containing different applications that needs to be blocked. These application profiles are assigned to security policies in order to match traffic criteria.
Both actions are in effect, however, the Security Policy action takes precedence over Application Patrol actions. The following examples illustrate this priority relationship:
Example 1
Configuration
- Application Patrol "App-Profile-01" is set to Drop applications in the Game category
- "App-Profile-01" is assigned to a security policy that Allows traffic from 192.168.1.0/24 to Any
Result
A client at 192.168.1.33 cannot access Game applications but can still connect to YouTube and other Audio/Video category applications.
Example 2
Configuration
- Application Patrol "App-Profile-01" is set to Allow applications in the Game category
- "App-Profile-01" is assigned to a security policy that Drops traffic from 192.168.1.0/24 to Any
Result
A client at 192.168.1.33 cannot access Game applications or YouTube and other Audio/Video category applications…, as the security policy's Drop action takes precedence.
Zyxel_Judy
Categories
- All Categories
- 435 Beta Program
- 2.7K Nebula
- 176 Nebula Ideas
- 117 Nebula Status and Incidents
- 6.1K Security
- 426 USG FLEX H Series
- 298 Security Ideas
- 1.6K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 44 Wireless Ideas
- 6.7K Consumer Product
- 274 Service & License
- 419 News and Release
- 88 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.2K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 83 About Community
- 89 Security Highlight