SonicWALL 5.8.1 Manuale Utente
Firewall > App Rules
662
SonicOS 5.8.1 Administrator Guide
Step 10
For Users/Groups, select from the drop-down lists for both Included and Excluded. The
selected users or group under Excluded will not be affected by the policy.
selected users or group under Excluded will not be affected by the policy.
Step 11
If the policy type is SMTP Client, select from the drop-down lists for MAIL FROM and RCPT
TO, for both Included and Excluded. The selected users or group under Excluded will not be
affected by the policy.
TO, for both Included and Excluded. The selected users or group under Excluded will not be
affected by the policy.
Step 12
For Schedule, select from the drop-down list. The list provides a variety of schedules for the
policy to be in effect.
policy to be in effect.
Step 13
If you want the policy to create a log entry when a match is found, select the Enable Logging
checkbox.
checkbox.
Step 14
To record more details in the log, select the Log individual object content checkbox.
Step 15
If the policy type is IPS Content, select the Log using IPS message format checkbox to
display the category in the log entry as “Intrusion Prevention” rather than “Application Control”,
and to use a prefix such as “IPS Detection Alert” in the log message rather than “Application
Control Alert.” This is useful if you want to use log filters to search for IPS alerts.
display the category in the log entry as “Intrusion Prevention” rather than “Application Control”,
and to use a prefix such as “IPS Detection Alert” in the log message rather than “Application
Control Alert.” This is useful if you want to use log filters to search for IPS alerts.
Step 16
If the policy type is App Control Content, select the Log using App Control message format
checkbox to display the category in the log entry as “Application Control”, and to use a prefix
such as “Application Control Detection Alert” in the log message. This is useful if you want to
use log filters to search for Application Control alerts.
checkbox to display the category in the log entry as “Application Control”, and to use a prefix
such as “Application Control Detection Alert” in the log message. This is useful if you want to
use log filters to search for Application Control alerts.
Step 17
If the policy type is CFS, select the Log using CFS message format checkbox to display the
category in the log entry as “Network Access”, and to use a log message such as “Web site
access denied” in the log message rather than no prefix. This is useful if you want to use log
filters to search for content filtering alerts.
category in the log entry as “Network Access”, and to use a log message such as “Web site
access denied” in the log message rather than no prefix. This is useful if you want to use log
filters to search for content filtering alerts.
Step 18
For Log Redundancy Filter, you can either select Global Settings to use the global value set
on the Firewall > App Rules page, or you can enter a number of seconds to delay between
each log entry for this policy. The local setting overrides the global setting only for this policy;
other policies are not affected.
on the Firewall > App Rules page, or you can enter a number of seconds to delay between
each log entry for this policy. The local setting overrides the global setting only for this policy;
other policies are not affected.
Step 19
For Connection Side, select from the drop-down list. The available choices depend on the
policy type and can include Client Side, Server Side, or Both, referring to the side where the
traffic originates. IPS Content, App Control Content, or CFS policy types do not provide this
configuration option.
policy type and can include Client Side, Server Side, or Both, referring to the side where the
traffic originates. IPS Content, App Control Content, or CFS policy types do not provide this
configuration option.
Step 20
For Direction, click either Basic or Advanced and select a direction from the drop-down list.
Basic allows you to select incoming, outgoing, or both. Advanced allows you to select between
zones, such as LAN to WAN. IPS Content, App Control Content, or CFS policy types do not
provide this configuration option.
Basic allows you to select incoming, outgoing, or both. Advanced allows you to select between
zones, such as LAN to WAN. IPS Content, App Control Content, or CFS policy types do not
provide this configuration option.
Step 21
If the policy type is IPS Content, App Control Content, or CFS, select a zone from the Zone
drop-down list. The policy will be applied to this zone.
drop-down list. The policy will be applied to this zone.
Step 22
If the policy type is CFS, select an entry from the CFS Allow List drop-down list. The list
contains any defined CFS Allow/Forbidden List type of match objects, and also provides
None as a selection. The domains in the selected entry will not be affected by the policy.
contains any defined CFS Allow/Forbidden List type of match objects, and also provides
None as a selection. The domains in the selected entry will not be affected by the policy.
Step 23
If the policy type is CFS, select an entry from the CFS Forbidden List drop-down list. The list
contains any defined CFS Allow/Forbidden List type of match objects, and also provides
None as a selection. The domains in the selected entry will be denied access to matching
content, instead of having the defined action applied.
contains any defined CFS Allow/Forbidden List type of match objects, and also provides
None as a selection. The domains in the selected entry will be denied access to matching
content, instead of having the defined action applied.
Step 24
If the policy type is CFS, select the Enable Safe Search Enforcement checkbox to prevent
safe search enforcement from being disabled on search engines such as Google, Yahoo, Bing,
and others.
safe search enforcement from being disabled on search engines such as Google, Yahoo, Bing,
and others.
Step 25
Click OK.