External Block Lists
Overview
Use these screens to use block IP, FQDN or URL list entries stored in a file on a web server that supports HTTP or HTTPS and is reachable from the Zyxel Device. The Zyxel Device will bypass checking by this feature (if enabled) and block incoming and outgoing packets from the block list entries in this file. In this way, different Zyxel Devices can use the same block list.
The external block list file must be in text format (*.txt) with each entry separated by a new line.
IP Reputation External Block List Screen
External block list entries can consist of single IPv4 / IPv6 IP addresses, IP address ranges, CIDR (Classless Inter-Domain Routing entries such as 192.168.1.1/24, 2001:7300:3500::1/64. These are some examples for your reference only:
• Single IP 4.4.4.4
• CIDR 192.168.1.0/32
IP range (1.2.3.4-1.2.3.100)If the external block list file contains any invalid entries, the Zyxel Device will not use the file.
The external block list file can contain up to 50,000 entries. A warning message displays when the maximum is reached.
If a license has expired, you will see a reminder in this screen. You need to renew the license in order to keep using the feature. Click Buy Now to go to Marketplace to purchase a new license. Click See Details to go to the Zyxel web page to find more information on licenses for your Zyxel Device. 
The following table describes the labels in this screen.
Label | Description |
|---|---|
Enable | Select this to have the Zyxel Device block packets that come from the listed addresses in the block list file on the server. |
Profile Management | |
Add | Click this to create a new IP reputation external block list profile entry. |
Remove | Select an entry and click this to delete it. |
Active | To turn off an entry, select it and click Active. The Status light changes accordingly. |
Inactive | To turn off an entry, select it and click Inactive. The Status light changes accordingly. |
Status | This icon is lit when the entry is active and dimmed when the entry is inactive. |
Name | Enter an identifying name for the block list file. You can use alphanumeric and ()+/:=?!*#@$_%- characters, and it can be up to 60 characters long. |
Source URL | Enter the exact file name, path and IP address of the server containing the block list file. For example, http://172.16.107.20/blocklist-files/myip-ebl.txt The server must be reachable from the Zyxel Device. |
Description | Enter a description of the block list file. You can use alphanumeric and ()+/:=?!*#@$_%- characters, and it can be up to 60 characters long. |
Edit | Select an entry and click this icon to modify it.  |
Remove | Select an entry and click this icon to delete it.  |
Save Changes | Click this icon to save the changes in this row.  |
Cancel Changes | Click this icon to cancel the changes in this row.  |
Signature Update | New IP reputation signatures can be downloaded to the Zyxel Device periodically if you have subscribed for the IP reputation signatures service. You need to create a Zyxel account, register your Zyxel Device and then subscribe for IP reputation service in order to be able to download new signatures (see the Registration screens). Schedule signature updates for a day and time when your network is least busy to minimize disruption to your network. |
Update Now | Click this to have the Zyxel Device immediately check for new signatures. If new signatures are found, they are then downloaded to the Zyxel Device. |
Auto Update | Click this to have the Zyxel Device automatically check for new signatures regularly at the time and day specified. You should select a time when your network is not busy for minimal interruption. |
Every N Hours | Select this to have the Zyxel Device check for new signatures every specified number of hours (N). |
Daily | Select this to have the Zyxel Device check for new signatures every day at the specified time (am/pm). The time format is the 12 hour clock. |
Weekly | Select this option to have the Zyxel Device check for new signatures once a week on the day and at the time (am/pm) specified. |
Apply | Click Apply to save your changes back to the Zyxel Device. |
Cancel | Click Cancel to return the screen to its last-saved settings. |
DNS / URL Threat Filter External Block List Screen
Use this screen to use block list entries stored in a file on a web server that supports HTTP or HTTPS. The Zyxel Device will block incoming and outgoing packets from the block list entries in this file. Supported formats are:
• hostname (www.google.com)
• URL http - check full url (http://xxx.yyy.zzz/qqq/wwww)
URL https - only check hostname (https://xxx.)Please note the following:
• The external block list file must be in text format (*.txt) with each entry separated by a new line.External block list entries can consist of a complete URL or a hostname and may contain wildcards. There are some examples for your reference only:
• https://www.zyxel.com/products_services/smb.shtml?t=s (complete URL)
• www.zyxel.com (hostname)
• *.zyxel.* (hostname with wildcards)
• If the external block list file contains any invalid entries, the Zyxel Device will not use the file.
• The external block list file can contain up to 50,000 entries. A warning message displays when the maximum is reached.
The following table describes the labels in this screen.
Label | Description |
|---|---|
Enable | Select this check box to have the Zyxel Device automatically block packets that come from the listed addresses in the block list file on the server. |
Profile Management | |
Add | Click this to create a new DNS/URL threat filter external block list entry. |
Remove | Select an entry and click this to delete it. |
Name | Enter an identifying name for the block list file. You can use alphanumeric and ()+/:=?!*#@$_%- characters, and it can be up to 60 characters long. |
Source | Enter the exact file name, path and IP address of the server containing the block list file. For example, http://172.16.107.20/blocklist-files/myip-ebl.txt The server must be reachable from the Zyxel Device. |
Description | Enter a description of the block list file. You can use alphanumeric and ()+/:=?!*#@$_%- characters, and it can be up to 60 characters long. |
Edit | Select an entry and click this icon to modify it.  |
Remove | Select an entry and click this icon to delete it.  |
Save Changes | Click this icon to save the changes in this row.  |
Cancel Changes | Click this icon to cancel the changes in this row.  |
Signature Update | New IP reputation signatures can be downloaded to the Zyxel Device periodically if you have subscribed for the IP reputation signatures service. You need to create a Zyxel account, register your Zyxel Device and then subscribe for IP reputation service in order to be able to download new signatures (see the Registration screens). Schedule signature updates for a day and time when your network is least busy to minimize disruption to your network. |
Update Now | Click this to have the Zyxel Device immediately check for new signatures. If new signatures are found, they are then downloaded to the Zyxel Device. |
Auto Update | Click this to have the Zyxel Device automatically check for new signatures regularly at the time and day specified. You should select a time when your network is not busy for minimal interruption. |
Every N Hours | Select this to have the Zyxel Device check for new signatures every specified number of hours (N). |
Daily | Select this to have the Zyxel Device check for new signatures every day at the specified time (am/pm). |
Weekly | Select this option to have the Zyxel Device check for new signatures once a week on the day and at the time (am/pm) specified. |
Apply | Click Apply to save your changes back to the Zyxel Device. |
Cancel | Click Cancel to return the screen to its last-saved settings. |