Adding an Application Control Policy
An application control policy is used to permit or block traffic for the applications by schedule.
Note Up to 80 custom application control policies can be configured on the security appliance. Up to 8 application control policies can be applied to each zone.
1. Click Add Policy to create a new application control policy.
The Policy Profile - Add/Edit window opens.
2. Enter the following information:
• Policy Name: Enter the name for the application control policy.
• Schedule: Choose Always on to keep the application control policy always active or choose a schedule to permit or block the applications at a specific time of a day or at the specified days of a week. If the schedule that you want is not in the list, choose Create a new schedule to add a new schedule object. To maintain the schedules, go to the Device Management > Schedules page. See Configuring Schedules, page 381.
3. The security appliance supports a long list of applications. You can use the table filter settings to filter the applications and then specify the settings for the selected applications.
• Category: Allows you to filter the applications by category. Choose All to display all categories in the table or choose a category to only display the applications that belong to the selected category. You can click the triangle next to a category to expand or contract all applications in the category.
• Application: Allows you to filter the application by application name. Enter the name of the application in the field. Only the application that you specified is displayed in the table.
• Current Action: Allows you to filter the applications by action. Choose Deny to display all applications that are blocked or choose Permit to display all applications that are permitted.
NOTE: By default, the table filter settings are hidden. You can click the triangle next to Hide Table Filter Settings to display or hide the table filter settings.
4. After you set the table filter settings, click Refresh Table to refresh the data in the table. Only the applications that you specified are displayed in the table.
5. Specify the preventive action for a single application or for all applications in a category:
• To permit or block traffic for all applications in a category, click the Edit (pencil) icon in the Configure column for the category. For complete details, see Permitting or Blocking Traffic for all Applications in a Category.
• If the action, schedule, or logging settings vary among the applications in a category, you can configure the settings for each application in the category. You must first choose keep application-level settings for the Action and Logging options of the category, and then click the Edit (pencil) icon in the Configure column for the application. For complete details, see Permitting or Blocking Traffic for an Application.