Cisco Cisco FirePOWER Appliance 7115

Version 5.3

Sourcefire 3D System User Guide

192

Using Objects and Security Zones

Working with Application Filters

Chapter 4

To add a URL object:

: Admin/Access Admin/Network Admin

1. Select Objects > Object Management.

The Object Management page appears.

2. Under URL, select Individual Objects.
3. Click Add URL.

The URL Objects pop-up window appears.

4. Type a Name for the URL object. You can use any printable standard ASCII 

characters except curly braces (

{}

).

5. Type the URL or IP address for the URL object.
6. Click Save.

The URL object is added.

Working with Application Filters

: FireSIGHT

: Series 3, virtual, X-Series

When the Sourcefire 3D System analyzes IP traffic, it attempts to identify the 

commonly used applications on your network. Application awareness is crucial to 
performing application-based access control. The system is delivered with 

detectors for many applications, and Sourcefire frequently updates and adds 

additional detectors via system and vulnerability database (VDB) updates. You can 

also create your own application protocol detectors to enhance the system’s 

detection capabilities.
Application filters group applications according to criteria associated with the 

applications’ risk, business relevance, type, categories, and tags; see the 

 on page 1317. When you create an application 

protocol detector, you must characterize the application using those criteria as 

well. Using application filters allows you to quickly create application conditions 

for access control rules because you do not have to search for and add 

applications individually; for more information, see 

Another advantage to using application filters is that you do not have to update 

access control rules that use filters when you modify or add new applications. For 

example, if you configure your access control policy to block all social networking 

applications, and a VDB update includes a new social networking application