Permitting or Blocking Traffic for an Application
If the action, schedule, or logging settings vary among the applications in a category, you can configure the action and logging settings for each application in the category. The application-level settings are applied to a single application in a category.
Note To edit the settings for an application with detection disabled, you must first enable the detection from the Advanced Settings page.
Note Before you configure the application-level settings for each application in a category, make sure that you choose keep application-level settings for the Action and Logging options of the category.
1. Click the Edit (pencil) icon in the Configure column for an application.
The Policy Profile - Add/Edit window opens.
2. Specify the application-level control settings:
• Application: The name of the application.
• Action: Choose Permit to permit traffic for the application or choose Deny to block traffic for the application.
• Logging: Choose Enable to log the event when an application is blocked, or choose Disable to disable the logging function.
To log application blocking events, you must first enable the logging settings for the applications, and then go to the Device Management > Logs pages to configure the log settings and the log facilities. See Log Management, page 374.
• Configure feature-specific access control: For some applications, you can permit or block certain features or functions of the application. For example, for Google Talk application, you can permit the chat function but block the media transfer function. Check this box and then specify the action for each feature or function of the application.
NOTE: When the action for the application is set as “Deny,” this feature will be grayed out.