Cisco Cisco FirePOWER Appliance 7115
Version 5.3
Sourcefire 3D System User Guide
192
Using Objects and Security Zones
Working with Application Filters
Chapter 4
To add a URL object:
A
CCESS
: Admin/Access Admin/Network Admin
1. Select Objects > Object Management.
The Object Management page appears.
2. Under URL, select Individual Objects.
3. Click Add URL.
3. Click Add URL.
The URL Objects pop-up window appears.
4. Type a Name for the URL object. You can use any printable standard ASCII
characters except curly braces (
{}
).
5. Type the URL or IP address for the URL object.
6. Click Save.
6. Click Save.
The URL object is added.
Working with Application Filters
L
ICENSE
: FireSIGHT
S
UPPORTED
D
EVICES
: Series 3, virtual, X-Series
When the Sourcefire 3D System analyzes IP traffic, it attempts to identify the
commonly used applications on your network. Application awareness is crucial to
performing application-based access control. The system is delivered with
performing application-based access control. The system is delivered with
detectors for many applications, and Sourcefire frequently updates and adds
additional detectors via system and vulnerability database (VDB) updates. You can
also create your own application protocol detectors to enhance the system’s
detection capabilities.
Application filters group applications according to criteria associated with the
Application filters group applications according to criteria associated with the
applications’ risk, business relevance, type, categories, and tags; see the
on page 1317. When you create an application
protocol detector, you must characterize the application using those criteria as
well. Using application filters allows you to quickly create application conditions
for access control rules because you do not have to search for and add
applications individually; for more information, see
Another advantage to using application filters is that you do not have to update
access control rules that use filters when you modify or add new applications. For
example, if you configure your access control policy to block all social networking
applications, and a VDB update includes a new social networking application