Configuring Application Control by Signature

Signature-based configuration is the lowest, most specific, level of policy configuration on the Firewall > App Control Advanced page.

Setting a policy based on a specific signature allows you to configure policy settings for the individual signature without influence on other signatures of the same application.

To configure an App Control policy for a specific signature:
1
Navigate to the Firewall > App Control Advanced page.
2
Under App Control Advanced, select a category from the Category drop-down menu.
3
4
To display the specific signatures for this application, select Signature in the Viewed by drop-down menu. For example, the FreeStyle gaming application has two signatures.

5
Click the Configure button in the row for the signature you want to work with. The App Control Signature Settings dialog displays.

The fields at the top of the dialog are not editable. These fields display the values for the Signature Category, Signature Name, Signature ID, Priority, and Direction of the traffic in which this signature can be detected.

TIP: The following application configuration options default to the current settings of the category to which the application belongs; for example, Use Category Settings (All). To retain this connection to the category settings for any of these fields, leave this selection in place for those fields.
6
To block this signature, select Enable in the Block drop-down menu.
7
8
9
10
To target the selected block or log actions to a specific IP address or address range, select an Address Group or Address Object from the Included IP Address Range drop-down menu. Select All to apply the policy to all IP addresses.
11
To exclude a specific IP address or address range from the selected block or log actions, select an Address Group or Address Object from the Excluded IP Address Range drop-down menu. Select None to apply the policy to all IP addresses.
12
Always on – Enable the policy at all times.
Work Hours – Enable the policy Monday through Friday, 8:00 AM to 5:00 PM.
M-T-W-T-F 08:00 to 17:00 – Enable the policy Monday through Friday, 8:00 AM to 5:00 PM.
After Hours – Enable the policy Monday through Friday, 5:00 PM to 8:00 AM.
M-T-W-T-F 00:00 to 08:00 – Enable the policy Monday through Friday, midnight to 8:00 AM.
M-T-W-T-F 17:00 to 24:00 – Enable the policy Monday through Friday, 5:00 PM to midnight.
SU-S 00:00 to 24:00 – Enable the policy at all times (Sunday through Saturday, 24 hours a day).
Weekend Hours – Enable the policy Friday at 5:00 PM through Monday at 8:00 AM.
13
14
To see detailed information about the signature, click here in the Note at the bottom of the dialog.
15