ZyXEL Communications ZyWALL 1000 User Manual

ZyWALL USG 1000 User’s Guide
Chapter 27
Application Patrol
This chapter describes how to use application patrol for the ZyWALL. It provides an overview 
first and then introduces the screens. See 
 for related information on 
these screens.
27.1  Application Patrol Overview
Application patrol provides a convenient way to manage the use of various applications on the 
network. It manages general protocols (for example, HTTP and FTP) and instant messenger (IM),
peer-to-peer (P2P), Voice over IP (VoIP), and streaming (RTSP) applications. You can even
control the use of a particular application’s individual features (like text messaging, voice, 
video conferencing, and file transfers). Application patrol also has powerful bandwidth 
management including traffic prioritization to enhance the performance of delay-sensitive 
applications like voice and video.
Note: The ZyWALL checks firewall rules before it checks application patrol rules for
traffic going through the ZyWALL.
If you want to use a service, make sure both the firewall and application patrol allow the 
service’s packets to go through the ZyWALL.
Application patrol examines every TCP and UDP connection passing through the ZyWALL 
and identifies what application is using the connection. Then, you can specify, by application, 
whether or not the ZyWALL continues to route the connection.
27.2  Classification of Applications
There are two ways the ZyWALL can identify the application. The first approach is called 
auto. In this approach, the ZyWALL looks at the IP payload (OSI layer 7) and attempts to
match it with known patterns for specific applications. Usually, this occurs at the beginning of 
a connection, when the payload is more consistent across connections, and the ZyWALL 
examines several packets to make sure the match is correct.
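
The sketch below is an added example, not ZyXEL code or the ZyWALL's own logic. It illustrates the auto approach by narrowing candidate applications over the first payloads of a connection, and it applies the firewall-before-application-patrol order described in 27.1. The signature table, the function names and the forwarding of unclassified traffic are assumptions made for illustration.

```python
import re

# Constructed signatures: one regex per early payload, in connection order.
# Illustrative assumptions only, not the ZyWALL's real pattern set.
SIGNATURES = {
    "http": [re.compile(rb"^(GET|POST|HEAD|PUT) \S+ HTTP/1\.[01]\r\n"),
             re.compile(rb"^HTTP/1\.[01] \d{3} ")],
    "ftp":  [re.compile(rb"^220[ -]"),
             re.compile(rb"^(USER|AUTH) ", re.I)],
    "smtp": [re.compile(rb"^220[ -]"),
             re.compile(rb"^(EHLO|HELO) ", re.I)],
}

def classify(payloads, max_packets=4):
    """Return the application name, or None if unknown or still ambiguous.

    payloads: non-empty TCP/UDP payloads in arrival order (both directions).
    Candidates are narrowed packet by packet; a verdict needs every pattern
    of exactly one application to match, so one lucky match is not enough.
    """
    candidates = set(SIGNATURES)
    for i, data in enumerate(payloads[:max_packets]):
        candidates = {app for app in candidates
                      if i >= len(SIGNATURES[app])
                      or SIGNATURES[app][i].search(data)}
        if not candidates:
            return None
        done = [a for a in candidates if i + 1 >= len(SIGNATURES[a])]
        if len(candidates) == 1 and done:
            return done[0]
    return None

def route(firewall_allows, payloads, blocked_apps):
    """Firewall first; application patrol only sees traffic the firewall passed."""
    if not firewall_allows:
        return "drop (firewall)"
    app = classify(payloads)
    if app in blocked_apps:
        return f"drop (application patrol: {app})"
    # Assumption: traffic that matches no signature is forwarded.
    return f"forward ({app or 'unclassified'})"
```

A lone "220" greeting fits both the FTP and SMTP entries, so the first payload alone gives no verdict; the second payload settles it, which is why several packets are examined before a match is accepted.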