It seems like the newly released devices have a different way of creating/assigning security policies. What used to be done within the individual security feature's page is now moved to Security Policy/Policy Control. It's basically our good ol' firewall page.
How do I apply anti-virus/IDP policies? Do I apply it to LAN1_to_WAN? Shouldn't it be WAN_to_LAN1, which doesn't exist? The direction of traffic with virus is going to be coming from the WAN, so logic dictates that it would be WAN_to_LAN1...
I even stumped the Zyxel USA team and I made a movie showing only Lan 1 worked for incoming when USA Zyxel said it should be WAN. They showed the movie to the developers in Taiwan. They came back and said Lan 1 or Lan 2 . If you use WAN you are scanning going outbound.
Its a little bit confusing, but the rule is referring to the direction of the *connection* not the direction of the traffic flow. For example when you browse to www.dslreports.com, your computer is initiating an outgoing connection(lan-to-wan) to the dslreports webserver. Even though the traffic through the connection is bi-directional, its still a lan-to-wan connection.
Ok, that's what I thought. Just wanted to verify. Essentially, a tunnel is punched through the firewall momentarily when a device that's sitting behind the firewall (LAN device) initiates communication with an external server, then that server uses this tunnel for transmission of data that was requested.
So LANX_to_WAN is where IDP, Anti-Virus, Content Filtering policies need to be applied to.