SonicOS 7.1 Security Services
- SonicOS 7.1
- About SonicOS
- Summary
- Configuring Content Filter
- Managing the SonicWall Gateway Anti-Virus Service
- SonicWall GAV Multi-Layered Approach
- SonicWall GAV Architecture
- Activating the Gateway Anti-Virus, Anti-Spyware, and Intrusion Prevention License
- Setting Up SonicWall Gateway Anti-Virus Protection
- Viewing SonicWall Gateway Anti-Virus Signatures
- Anti-Spyware Service
- Intrusion Prevention Service
- Configuring Geo-IP Filters
- Configuring Botnet Filters
- Configuring App Control
- About App Control Policy Creation
- Viewing App Control Status
- Enabling App Control
- Configuring App Control Global Settings
- Configuring App Control Advanced Settings
- Configuring App Control Advanced by Category
- Configuring App Control Advanced by Application
- Configuring App Control Advanced by Signature
- Viewing Signatures
- Viewing by All Categories and All Applications by Applications
- Viewing by All Categories and All Applications by Signatures
- Viewing by All Categories and All Applications by Category
- Viewing Just One Category
- Viewing Just One Application
- Displaying Details of Signature Applications
- Displaying Details of Application Signatures
- SonicWall Support
Configuring App Control Advanced by Signature
Signature-based configuration is the most specific level of policy configuration on the POLICY | Rules and Policies > App Control | App Control Advanced page.
Setting a policy based on a specific signature allows you to configure policy settings for the individual signature without influence on other signatures of the same application.
To configure an App Control policy for a specific signature
- Navigate to the POLICY | Rules and Policies > App Control | App Control Advanced page.
-
Select Signature in the Viewed by drop-down menu.
Optionally reduce the number of signatures displayed by selecting a category from the Category drop-down menu and/or an application from the Application drop-down menu.
If you know the Signature ID of the signature, click the Lookup Signature ID icon in the toolbar, enter the Signature ID, and then click the Lookup Signature.
-
Click Configure in the row for the signature you want to work with. The App Control Signature Settings dialog displays.
If the signature’s Block setting is set to Use App Setting.
To prevent the application settings from overriding your settings for the signature, change the Block setting here to Enabled or Disabled, as desired, and update any other settings in this dialog to the specific values that you want.The fields at the top of the dialog are not editable. They display the values for the Signature Category, Signature Name, Signature ID, Application ID, Priority, and Direction of the traffic for the category and application to which this signature belongs.
To edit the application information, click the Edit icon next to the Application ID field. The App Control Application Settings dialog displays. For information about configuring the settings in this dialog, see Configuring App Control by Application.
The other settings for the signature default to the current settings for the application to which the signature belongs. To retain this connection to the application settings for one or more fields, leave this selection in place for those fields.
-
To block this signature, select Enable in the Block drop-down menu.
-
To create a log entry when this signature is detected, select Enable in the Log drop-down menu.
-
To target the selected block or log actions to a specific user or group of users, select a user group or individual user from the Included Users/Groups drop-down menu. Select All to apply the policy to all users.
-
To exclude a specific user or group of users from the selected block or log actions, select a user group or individual user from the Excluded Users/Groups drop-down menu. Select None to apply the policy to all users.
-
To target the selected block or log actions to a specific IP address or address range, select an Address Group or Address Object from the Included IP Address Range drop-down menu. Select All to apply the policy to all IP addresses.
-
To exclude a specific IP address or address range from the selected block or log actions, select an Address Group or Address Object from the Excluded IP Address Range drop-down menu. Select None to apply the policy to all IP addresses.
-
To enable this policy during specific days of the week and hours of the day, select one of the schedules from the Schedule drop-down menu. For a list of schedules, see Schedule Options in Configuring App Control Advanced by Category.
-
By default, the Log Redundancy Filter has the Use Category Settings option selected; the field is dimmed and cannot be changed. To specify a different delay between log entries for repetitive events:
-
Deselect the Use Global Settings checkbox. The field becomes available.
-
Enter the number of seconds for the delay into the Log Redundancy Filter field. The minimum number of seconds is 0 (no delay), the maximum is 999999, and the default is 0.
-
-
To see detailed information about the signature, click
here
in the Note at the bottom of the dialog. -
Click OK.
Was This Article Helpful?
Help us to improve our support portal