IDP activation

kyssling
kyssling Posts: 107  Ally Member
First Comment First Answer Friend Collector Sixth Anniversary
in Security
Hello, I have found that I am missing active IDP setting in the Security Policy. Could someone please advise me, if IDP is generally set in "WAN to LAN" line and just activate IDP?
Should I possibly prepare for the possibility of some non-functional services (RDP ...) after this activation?
Thank you for your help !
«1

All Replies

  • dkyeager
    dkyeager Posts: 71  Ally Member
    First Comment Friend Collector Sixth Anniversary
    What model and firmware version are you using?
  • Emerald
    Emerald Posts: 36  Freshman Member
    First Comment Fifth Anniversary
    kyssling said:
    Hello, I have found that I am missing active IDP setting in the Security Policy. Could someone please advise me, if IDP is generally set in "WAN to LAN" line and just activate IDP?
    Should I possibly prepare for the possibility of some non-functional services (RDP ...) after this activation?
    Thank you for your help !
    He ive wintessed this. I have all services activated & licenced but when you create a security policy you can choose ADP, content filter SSL some other one but no IDP

    I figured i missed some thing, I plan to go back to look at this with more time next week

    (was a FLEX 200 BTW)

  • kyssling
    kyssling Posts: 107  Ally Member
    First Comment First Answer Friend Collector Sixth Anniversary
    Hi i use Zyxel USG110 with FW:V4.70(AAPH.0)ITS-WK46-r102519 and mean IDP here ...
     
  • Zyxel_James
    Zyxel_James Posts: 718  Zyxel Employee
    Zyxel Certified Network Administrator - Security Zyxel Certified Network Administrator - Nebula Zyxel Certified Sales Associate 100 Answers
    You may create a security rule for the IDP profile that blocks the service from WAN to LAN.
     
    If you are concerned that the RDP service will be blocked when IDP is activated. You may edit the Signature Group of the IDP profile, inactivate the RDP service.

    Or if you are concerned that the other services will be blocked, you can create an IDP profile and set action to "none" and "log" to detect which related service is used, then inactivate the service in the IDP profile.


    BR,
    James
  • kyssling
    kyssling Posts: 107  Ally Member
    First Comment First Answer Friend Collector Sixth Anniversary
    Hello, someone has it turned on in practice ?
    We use only RDP over VPN ... Thank you ...
  • kyssling
    kyssling Posts: 107  Ally Member
    First Comment First Answer Friend Collector Sixth Anniversary
    Does anyone have experience with checked iDP ? Vaclav
  • osake_li_09
    osake_li_09 Posts: 9
    First Comment Friend Collector First Anniversary
    @kyssling, you may try inactive RDP service in the IDP profile. RDP over VPN is feasible.
  • kyssling
    kyssling Posts: 107  Ally Member
    First Comment First Answer Friend Collector Sixth Anniversary
    Thank you, and are you use it in a real environment ? 
  • osake_li_09
    osake_li_09 Posts: 9
    First Comment Friend Collector First Anniversary
    @kyssling, yes, I have a VPN scenario that connects to USG110 through IPsec VPN, and enables the IDP profile which inactive RDP service. It works.


  • kyssling
    kyssling Posts: 107  Ally Member
    First Comment First Answer Friend Collector Sixth Anniversary
    Hello osake_li_09,
    thanks for answer, If I understand correctly you had to deactivate all RDP items in the IDP settings ...
    Remaining items are activated ?

Categories

Security Help Center

EnglishTiếng ViệtРусскийไทย中文(台灣)