TECH TRICKS

Anomaly Detection & Prevention on the ZyWALL USG – Protecting your network against anomalous activity
» By Erik Jochums, ZyXEL US Training Coordinator

In addition to the firewall, the ZyWALL USG also supports ADP (Anomaly Detection & Prevention). This feature watches traffic for port scans, protocol anomalies and floods, the reconnaissance that malicious people or programs use to find vulnerable hosts and services, and can log or block that activity before it reaches the ZyWALL or the network behind it.

To view and edit your ADP settings, click on the Configuration icon, and then navigate to Anti-X > ADP. You'll see the ADP General tab.

You'll notice that you can apply different profiles to different interfaces. This lets you run a stricter profile on the WAN, where Internet-based port sweeps and floods arrive, and a more lenient one on the more-trusted LAN, where the same rules would mostly generate noise.

If you need to alter or create a new profile, just click on the Profile tab.

By default, you’ll only have the default ADP_PROFILE. You can Add a new profile or Edit the existing one. You can also Delete profiles that are no longer needed.

Whether you add a new profile or edit an existing one, you will be taken to the profile's settings. Each profile has about 27 different rules, covering port sweeps, distributed protocol scans, filtered decoy protocol scans, and so forth. The Sensitivity drop-down sets an overall level for how readily these rules fire, and you can then fine-tune individual rules through each rule's Action field. You can also Disable a rule entirely (or Enable a previously disabled rule).

At the bottom of the profile's settings are the Flood Detection anomaly patterns, which defend against protocol flooding attacks. For these rules you adjust a Threshold rather than an Action: the threshold is the rate of traffic above which the rule considers a flood to be in progress. If a legitimate but chatty application is being stopped by ADP, raising the threshold of the rule that fires on it is the usual fix; lowering a threshold makes the rule catch smaller floods, at the cost of more false positives.
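To make the profile settings above concrete (a scan rule with a per-rule Action, a flood rule with a tunable Threshold, a Sensitivity preset, and an Enable/Disable switch), here is an added Python example that runs a toy detector over constructed connection records. It is not ZyXEL firmware code and does not reproduce the USG's real algorithms; the rule names, action names, the sliding-window counting, the way Sensitivity is modeled as a threshold multiplier, and all sample addresses and thresholds are assumptions chosen for illustration.

```python
"""Toy ADP-style detector: port sweep rule with an Action, SYN flood rule with a
Threshold, a Sensitivity preset and an enable flag.  Added example, not ZyXEL code."""
from collections import defaultdict
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Rule:
    name: str
    threshold: int        # events inside one window needed to trigger the rule
    window: float         # window length in seconds
    action: str = "log"   # hypothetical action names: "log" or "block"
    enabled: bool = True


# A profile resembling the per-rule settings described in the article (values assumed).
PORT_SWEEP_RULE = Rule("tcp-port-sweep", threshold=20, window=10.0, action="block")
SYN_FLOOD_RULE = Rule("tcp-syn-flood", threshold=100, window=1.0, action="block")

# Sensitivity modeled as a threshold multiplier (an assumption, not the USG's semantics).
SENSITIVITY_FACTOR = {"low": 2.0, "medium": 1.0, "high": 0.5}


def with_sensitivity(rule, level):
    """Return a copy of the rule with its threshold scaled for the chosen Sensitivity."""
    return replace(rule, threshold=max(1, round(rule.threshold * SENSITIVITY_FACTOR[level])))


# Constructed sample traffic: (time_s, src_ip, dst_ip, dst_port, is_syn)
EVENTS = []
for i in range(30):                                   # scanner walks 30 ports in 3 s
    EVENTS.append((0.1 * i, "203.0.113.9", "192.0.2.10", 1 + i, True))
for i, port in enumerate((80, 443, 25, 993)):         # legitimate client, 4 connections
    EVENTS.append((1.0 + i, "198.51.100.5", "192.0.2.10", port, True))
for i in range(120):                                  # SYN flood: 120 SYNs to :80 in 1 s
    EVENTS.append((5.0 + i / 120, "203.0.113.77", "192.0.2.10", 80, True))
for i in range(15):                                   # bursty but legitimate poller: 15 SYNs in 1 s
    EVENTS.append((8.0 + i / 15, "198.51.100.20", "192.0.2.10", 443, True))


def _window_max(stamped, window, measure):
    """Slide a window over sorted (time, value) pairs; return the largest measure(values)."""
    best = 0
    for i, (t0, _) in enumerate(stamped):
        values = [v for t, v in stamped[i:] if t - t0 <= window]
        best = max(best, measure(values))
    return best


def detect_port_sweep(events, rule):
    """One alert per source that touches >= rule.threshold distinct ports inside rule.window."""
    if not rule.enabled:
        return []
    by_src = defaultdict(list)
    for t, src, _dst, port, _syn in events:
        by_src[src].append((t, port))
    alerts = []
    for src, hits in by_src.items():
        count = _window_max(sorted(hits), rule.window, lambda ports: len(set(ports)))
        if count >= rule.threshold:
            alerts.append({"rule": rule.name, "src": src, "count": count, "action": rule.action})
    return alerts


def detect_syn_flood(events, rule):
    """One alert per (dst, port) that receives >= rule.threshold SYNs inside rule.window."""
    if not rule.enabled:
        return []
    by_target = defaultdict(list)
    for t, _src, dst, port, syn in events:
        if syn:
            by_target[(dst, port)].append((t, 1))
    alerts = []
    for (dst, port), hits in by_target.items():
        count = _window_max(sorted(hits), rule.window, len)
        if count >= rule.threshold:
            alerts.append({"rule": rule.name, "target": f"{dst}:{port}",
                           "count": count, "action": rule.action})
    return alerts


if __name__ == "__main__":
    print("sweep:", detect_port_sweep(EVENTS, PORT_SWEEP_RULE))
    print("flood @100:", detect_syn_flood(EVENTS, SYN_FLOOD_RULE))
    # Lowering the Threshold too far turns the monitoring poller into a false positive.
    print("flood @10:", detect_syn_flood(EVENTS, replace(SYN_FLOOD_RULE, threshold=10)))
```

With the thresholds as set, only the scanner and the flood source are reported; dropping the flood threshold to 10 also flags the monitoring poller on port 443, which is exactly the situation the article's advice about raising a Threshold addresses.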

For more in-depth info on ADP, download the User's Guide for any of our ZyWALL USGs at ftp.us.zyxel.com. Additionally, the full User's Guide can be interactively accessed from any ZyWALL USG's Help menu.