Priority of Security Policy and Application Patrol?
Zyxel Employee
Application Patrol allows administrators to create profiles containing different applications that needs to be blocked. These application profiles are assigned to security policies in order to match traffic criteria.
Both actions are in effect, however, the Security Policy action takes precedence over Application Patrol actions. The following examples illustrate this priority relationship:
Example 1
Configuration
- Application Patrol "App-Profile-01" is set to Drop applications in the Game category
- "App-Profile-01" is assigned to a security policy that Allows traffic from 192.168.1.0/24 to Any
Result
A client at 192.168.1.33 cannot access Game applications but can still connect to YouTube and other Audio/Video category applications.
Example 2
Configuration
- Application Patrol "App-Profile-01" is set to Allow applications in the Game category
- "App-Profile-01" is assigned to a security policy that Drops traffic from 192.168.1.0/24 to Any
Result
A client at 192.168.1.33 cannot access Game applications or YouTube and other Audio/Video category applications…, as the security policy's Drop action takes precedence.
Categories
- All Categories
- 431 Beta Program
- 2.6K Nebula
- 164 Nebula Ideas
- 112 Nebula Status and Incidents
- 6K Security
- 364 USG FLEX H Series
- 292 Security Ideas
- 1.5K Switch
- 78 Switch Ideas
- 1.2K Wireless
- 42 Wireless Ideas
- 6.6K Consumer Product
- 262 Service & License
- 407 News and Release
- 87 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 3.9K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 83 Security Highlight