UYWALL Performance Series - View Export & Easy Mode

ChrisGer
ChrisGer Posts: 205  Ally Member
First Anniversary Friend Collector First Answer First Comment
edited April 2021 in Security
Hi Community,
perhapse it's only a bit confused display between easy & Expert mode ?

Easy Mode

In the "Easy" Mode, the UTM Services are displayed as "activated" and "off"

Expert Mode

Same Device in the Expert View show the correct status and "Content-Filter" is definitly active and running ;)

Is this only a incorrect interpreataion by me ?

Thx for assistence
Chrisitan


Comments

  • PeterUK
    PeterUK Posts: 2,656  Guru Member
    First Anniversary 10 Comments Friend Collector First Answer

    Personally I don't see why they did easy mode if people want easy go with a Home Router.

  • ChrisGer
    ChrisGer Posts: 205  Ally Member
    First Anniversary Friend Collector First Answer First Comment
    Hi @PeterUK
    i primarily use the expert mode to habdle the more than 150 rule sets / vlans and all other configuration-parameterm on the device ;)
    But after the FW 4.30 disaster i took a closer look at the device and discovered this "delta".
    perhapse it's only a change in the source for ZYXEL to fix the display and acting issue ;)
    A USG should always show the same, no matter in which mode you are. B)

    Regards
    Christian
  • Zyxel_Emily
    Zyxel_Emily Posts: 1,280  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    @ChristianG

    The status for security service "off" in Easy Mode means the service is not turned on with any of the security policy rules.

    As long as the security service such as Content Filter is enabled on any security policy rule, it shows "On" in Easy Mode.





  • ChrisGer
    ChrisGer Posts: 205  Ally Member
    First Anniversary Friend Collector First Answer First Comment
    "As long as the security service such as Content Filter is enabled on any security policy rule, it shows "On" in Easy Mode".

    In the expert mode i've configured and active Content-/App-Filter and IDP Profiles, that are running at dedicated Security Rule Sets. That's why it looks like a bit confused  ;)

    See my Content-Filter and Ref. No. to security rules and all are active

    Content-Filter is from the intranet to extranet ressources.

    Regards
    Christian
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,431  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hi @ChristianG,
    The easy mode UTM service on/off status is mapping to expert mode "LAN1_Outgoing" security rule.
    It seems you apply app-Filter and IDP profiles on other security rule, that's why the status is inconsistent.



  • ChrisGer
    ChrisGer Posts: 205  Ally Member
    First Anniversary Friend Collector First Answer First Comment
    now we are getting closer to the effect.
    The LAN1 on my USG has a device, on which rules / app and contenct filter are configured and in production.... but also configured on dedicated vLANs, that are assigned to the LAN2/DMZ zone. The Rule description "XXXY_Outgoing" as in the factory defauft is not existing.

    Suggestion
    If the services query does not go "only" to "LAN1_Outgoing", then the display should be correct in both modes?


    Regards
    Christian
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,431  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hi @ChristianG,
    It’s different, the expert mode dashboard “Secured Service Status” means the license status, Activated or Expired.

    At easy mode dashboard, the on/off status means no CF/IDP/AV apply on security rule "LAN1_Outgoing". It map to this rule only. 
     
    What if the license is expired, the easy mode dashboard status is Expired and Off(Grey out).

  • ChrisGer
    ChrisGer Posts: 205  Ally Member
    First Anniversary Friend Collector First Answer First Comment
    i agree with you in you last post. But, if one of the services are configured and in place in the expert mode, this should also displayed in the easy mode ;)
    So therefore can you check if the mapping to the Label  "LAN1_Outgoing" is the best way, or if you change the query to the default zone LAN1, LAN2, DMZ to have a correct view  :);)

    Regards
    Christian
  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 1,431  Zyxel Employee
    First Anniversary 10 Comments Friend Collector First Answer
    Hi @ChrisitanG,
    Thanks for the suggestion. :)
    As you may know, in easy mode, every configuration is created by wizard.
    The dashboard (easy mode) status sync is mainly targeted at mapping to an object created by easy mode wizard.
    At security service wizard, it apply on rule “LAN1_Outgoing”, that’s why the status sync mapping to this rule only.

Security Highlight