This is an example of using a firewalls UTM Profile to block access and download files from an FTP or HTTP server. Use the Anti-Virus blacklist to set up the blocked list of file patterns to restrict access and download of certain files.
Note: All network IP addresses and subnet masks are used as examples in this article. Please replace them with your actual network IP addresses and subnet masks. This example was tested using USG310 (Firmware Version: ZLD 4.13).
Step by step guide
Set Up the Anti-Virus Profile on the ZyWALL/USG
1. In the ZyWALL/USG, go to
CONFIGURATION > UTM Profile > Anti-Virus > Black/White List > Black List
click the Add icon. Use wildcards (*) to configure File Pattern.
CONFIGURATION > UTM Profile > Anti-Virus > Black/White List > Black List > Add rule
2. Go to CONFIGURATION > UTM Profile > Anti-Virus > Black/White List > Black List > General Settings to select Enable Black List.
CONFIGURATION > UTM Profile > Anti-Virus > Black/White List > Black List > General Settings
3. In the ZyWALL/USG, go to
CONFIGURATION > UTM Profile > Anti-Virus > Profile > Profile Management > Add rule
and configure a Name for you to identify the Anti-Virus Profile.
Select Log type as log alert to view the result later.
Make sure you select Check Black List and click OK.
CONFIGURATION > UTM Profile > Anti-Virus > Black/White List > Black List > General Settings
Set Up the Security Policy on the ZyWALL/USG
1. In the ZyWALL/USG, go to
CONFIGURATION > Security Policy > Policy Control
, configure a Name for you to identify the Security Policy profile. For From and To policies, select the direction of travel of packets to which the policy applies.
Scroll down to UTM Profile, select Anti-Virus and select a profile from the list (Block_FTP_HTTP_Download in this example).
CONFIGURATION > Security Policy > Policy Control
Verification:
1. When you download a PDF file from the HTTP server, the browser will display: Failed to load PDF document.
2. When you download a PDF file from the FTP server, the browser won’t be able to display content.
3. Go to the ZyWALL/USG
Monitor > Log
to see [info] log message such as below.
What can go wrong?
1. If you are not able to configure any Anti-Virus policies or it’s not working, there are two possible reasons:
a. You have not subscribed for the Anti-Virus service.
b. You have subscribed for the Anti-Virus service, but the license is expired.
You can click the link from the CONFIGURATION > Licensing > Registration screen of your ZyXEL device’s Web Configurator or click the myZyXEL.com 2.0 icon from the portal page (https://portal.myzyxel.com/) to register or extend your Anti-Virus license.
Comments
0 comments
Please sign in to leave a comment.