Using the Application Control Wizard

The Application Control wizard provides safe configuration of App Control policies for many common use cases, but not for everything. If at any time during the wizard you are unable to find the options that you need, you can click Cancel and proceed using manual configuration. When configuring manually, you must remember to configure all components, including match objects, actions, email address objects if required, and finally, a policy that references them. For the manual policy creation procedure, see the Prerequisites to Configuring App Rules Policies.

To use the wizard to configure Application Control:

In the SonicWALL banner at the top of the page, click the Wizards icon. The wizards Welcome page displays.

Select the Application Control Wizard radio button and then click Next.

In the Application Control Wizard Introduction page, click Next.

In the Application Control Policy Type page , click a selection for the policy type, and then click Next.

You can choose among SMTP, incoming POP3, Web Access, or FTP file transfer. The policy that you create applies only to the type of traffic that you select. The next page varies, depending on your choice here.

In the Select <your choice> Rules for Application Control page, select a policy rule from the choices supplied, and then click Next.

Depending on your choice in the previous step, this page is one of four possible:

•

Select SMTP Rules for Application Control

•

Select POP3 Rules for Application Control

•

Select Web Access Rules for Application Control

•

Select FTP Rules for Application Control

The page displayed varies, depending on your choice of policy rule in the previous step. For the following policy rules, the wizard displays the Set Application Control Object Keywords and Policy Direction page on which you can select the traffic direction to scan, and the content or keywords to match, and then click Next.

•

All SMTP policy rule types except Specify maximum email size

•

All POP3 policy rule types

•

All Web Access policy rule types except Look for usage of certain web browsers and Look for usage of any web browser, except the ones specified

•

All FTP policy types except Make all FTP access read-only and Disallow usage of SITE command

In the Set Application Control Object Keywords and Policy Direction dialog, perform the following steps:

In the Direction drop-down menu, select the traffic direction to scan: Incoming, Outgoing, or Both.

Do one of the following:

NOTE: If you selected a choice with the words except the ones specified in the previous step, content that you enter here will be the only content that does not cause the action to occur. See Negative Matching.

•

In the Content field, enter or paste a text or hexadecimal representation of the content to match, and then click Add. Repeat until all content is added to the List text box.

•

To import keywords from a predefined text file that contains a list of content values, one per line, click Load From File.

Click Next.

If you selected a policy type in the previous step that did not result in the Set Application Control Object Keywords and Policy Direction page with the standard options, the wizard displays a page that allows you to select the traffic direction, and certain other choices, depending on the policy type.

In the Direction drop-down menu, select the traffic direction to scan.

SMTP: In the Set Maximum Email Size page, in the Maximum Email Size field, enter the maximum number of bytes for an email message.

Web Access: In the Application Control Object Settings page, the Content field has a drop-down list with a limited number of choices, and no Load From File button is available. Select a browser from the drop-down menu.

FTP: In the special-case Set Application Control Object Keywords and Policy Direction page, you can only select the traffic direction to scan.

Click Next.

In the Application Control Action Settings page, select the action to take when matching content is found in the specified type of network traffic, and then click Next.

You will see one or more of the following choices, depending on the policy type:

Policy Type	Available Action
All Types	Log Only
All Types	Bypass DPI
SMTP	Blocking Action - block and send custom email reply
SMTP	Blocking Action - block without sending email reply
SMTP	Add Email Banner (append text at the end of email)
POP3	Blocking Action - disable attachment and add custom text
Web Access	Blocking Action - custom block page
Web Access	Blocking Action - redirect to new location
Web Access	Blocking Action - Reset Connection
Web Access	Manage Bandwidth

In the second Application Control Action Settings page (if it is displayed), in the Content field, enter the text or URL that you want to use, and then click Next.

The second Application Control Action Settings page is only displayed when you selected an action in the previous step that requires additional text. For a Web Access policy type, if you selected an action that redirects the user, you can enter the new URL into the Content field.

In the Select Name for Application Control Policy page, in the Policy Name field, enter a descriptive name for the policy, and then click Next.

In the Confirm Policy Settings page, review the displayed values for the new policy and do one of the following:

•

To create a policy using the displayed configuration values, click Apply.

•

To change one or more of the values, click Back.

•

To exit the wizard without creating the policy, click Cancel.

In the Application Control Policy Complete page, to exit the wizard, click Close.

NOTE: You can configure Application Control policies without using the wizard. When configuring manually, you must remember to configure all components, including match objects; action objects, bandwidth, and email address objects if required; and finally, a policy that references them.