• SonicOS 7.1
• About SonicOS
  • Working with SonicOS
  • SonicOS Workflow
  • How to Use the SonicOS Administration Guides
  • Guide Conventions
• Summary
  • Synchronize Licenses
  • Security Services Settings
  • Signature Downloads Through a Proxy Server
  • Security Services Information
• Configuring Content Filter
  • SonicWall CFS
    • CFS Status
    • Global Settings
    • CFS Exclusion
  • CFS Custom Category
  • Websense Enterprise
    • Websense Server Status
    • General Settings
    • Block Web Features
    • CFS Exclusion
    • Blocking Page
• Managing the SonicWall Gateway Anti-Virus Service
  • SonicWall GAV Multi-Layered Approach
    • Remote Site Protection
    • Internal Network Protection
    • HTTP File Downloads
    • Server Protection
    • Cloud Anti-Virus Database
  • SonicWall GAV Architecture
  • Activating the Gateway Anti-Virus, Anti-Spyware, and Intrusion Prevention License
  • Setting Up SonicWall Gateway Anti-Virus Protection
    • Viewing SonicWall Gateway Anti-Virus Status Information
      • Checking the SonicWall Gateway Anti-Virus Signature Database Status
      • Updating SonicWall Gateway Anti-Virus Signatures
    • Enabling SonicWall Gateway Anti-Virus
    • Applying SonicWall Gateway Anti-Virus Protection on Zones
    • Specifying Protocol Filtering
      • Enabling Inbound Inspection
      • Enabling Outbound Inspection
      • Restricting File Transfers
        • FTP Settings
        • Exclusion Settings
      • Resetting Gateway Anti-Virus Settings
    • Configuring Gateway Anti-Virus Settings
      • Configuring Gateway Anti-Virus Settings
      • Configuring HTTP Clientless Notification
      • Configuring a SonicWall GAV Exclusion List
    • Configuring Cloud Gateway Anti-Virus
  • Viewing SonicWall Gateway Anti-Virus Signatures
    • Displaying Signatures
    • Navigating the Gateway Anti-Virus Signatures Table
    • Searching the Gateway Anti-Virus Signature Database
• Anti-Spyware Service
  • Anti-Spyware Status
  • Anti-Spyware Global Settings
  • Signature Groups
  • Protocols
  • Anti-Spyware Signatures
• Intrusion Prevention Service
  • About Intrusion Prevention Service
  • Enabling Intrusion Prevention Services
  • IPS Status
  • IPS Global Settings
  • Intrusion Prevention Service Policies
• Configuring Geo-IP Filters
  • Configuring Geo-IP Filtering
  • Creating Custom Country Lists
  • Customizing Web Block Page Settings
  • Using Geo-IP Filter Diagnostics
    • Geo-IP Cache Statistics
    • Custom Countries Statistics
    • Show Resolved Locations
    • Check GEO Location Server Lookup
    • Incorrectly Marked Address
• Configuring Botnet Filters
  • Configuring Botnet Filtering
  • Creating Custom Botnet Lists
    • Creating a Custom Botnet List
    • Editing Custom Botnet List Entries
  • Configuring Dynamic HTTP Authentication
  • Customizing Web Block Page Settings
  • Using Botnet Filter Diagnostics
    • Botnet Cache Statistics
    • Botnets Statistics
    • Show Resolved Botnet Locations
    • Check Botnet Server Lookup
    • Incorrectly Marked Address
  • Displaying the Status of the Botnet Feature and Database
• Configuring App Control
  • About App Control Policy Creation
  • Viewing App Control Status
  • Enabling App Control
    • Enabling App Control Globally
    • Enabling App Control on Zones
    • Configuring Logging and Log Filter Interval
    • Enabling App Control Filename Logging
  • Configuring App Control Global Settings
    • About App Control Global Settings
  • Configuring App Control Advanced Settings
    • Configuring App Control Advanced by Category
    • Configuring App Control Advanced by Application
    • Configuring App Control Advanced by Signature
    • Viewing Signatures
      • Viewing by All Categories and All Applications by Applications
      • Viewing by All Categories and All Applications by Signatures
      • Viewing by All Categories and All Applications by Category
      • Viewing Just One Category
      • Viewing Just One Application
      • Displaying Details of Signature Applications
      • Displaying Details of Application Signatures
• SonicWall Support
  • About This Document

Configuring App Control Advanced by Category

Category-based configuration is the most broadly based method of policy configuration on the POLICY | Rules and Policies > App Control | App Control Advanced page. The list of categories is available in the Category drop-down menu.

To configure an App Control policy for an application category

1. Navigate to the POLICY | Rules and Policies > App Control | App Control Advanced page.
2. Select an application category from the Category drop-down menu. The Configure icon to the right of the field is enabled as soon as a category is selected.

3. Click Configure to display the App Control Category Settings dialog for the selected category.

   

4. To block applications in this category, select Enable in the Block drop-down menu.
5. To create a log entry when applications in this category are detected, select Enable in the Log drop-down menu.
6. To target the selected block or log actions to a specific user or group of users, select a user group or individual user from the Included Users/Groups drop-down menu. Select All to apply the policy to all users.
7. To exclude a specific user or group of users from the selected block or log actions, select a user group or individual user from the Excluded Users/Groups drop-down menu. Select None to apply the policy to all users.
8. To target the selected block or log actions to a specific IP address or address range, select an Address Group or Address Object from the Included IP Address Range drop-down menu. Select All to apply the policy to all IP addresses.
9. To exclude a specific IP address or address range from the selected block or log actions, select an Address Group or Address Object from the Excluded IP Address Range drop-down menu. Select None to apply the policy to all IP addresses.

10. To enable this policy during specific days of the week and hours of the day, select one of the following schedules from the Schedule drop-down menu:

    Schedule Options

    This schedule	Enables the policy
    Always on	At all times. This option is selected by default.
    Work Hours	Monday through Friday, 8:00 AM to 5:00 PM.
    M-T-W-T-F 08:00 to 17:00	Monday through Friday, 8:00 AM to 5:00 PM (same as Work Hours).
    After Hours	Monday through Friday, 5:00 PM to 8:00 AM.
    M-T-W-T-F 00:00 to 08:00	Monday through Friday, midnight to 8:00 AM.
    M-T-W-T-F 17:00 to 24:00	Monday through Friday, 5:00 PM to midnight.
    SU-S 00:00 to 24:00	24 hours a day, Sunday through Saturday (same as Always On).
    Weekend Hours	Friday at 5:00 PM through Monday at 8:00 AM.
    AppFlow Report Hours	During the time configured for AppFlow reports.
    SU-M-T-W-TH-F-S 00:00 to 24:00	24 hours a day, Sunday through Saturday (same as Always On).
    TSR Report Hours	During the time configured for TSR reports.

11. By default, the Use Global Settings option is selected and has a default of 60 seconds, which cannot be changed (the field is dimmed). To specify a different delay between log entries for repetitive events:

    1. Deselect the Use Global Settings checkbox. The field becomes available.
    2. Enter the number of seconds for the delay into the Log Redundancy Filter field. The minimum number of seconds is 0 (no delay), the maximum is 999999, and the default is 0.
12. Click OK.