Справочник Пользователя для SonicWALL 5.8.1
Application Control
630
SonicOS 5.8.1 Administrator Guide
App Rules Policy Creation
You can use Application Control to create custom App Rules policies to control specific aspects
of traffic on your network. A policy is a set of match objects, properties, and specific prevention
actions.When you create a policy, you first create a match object, then select and optionally
customize an action, then reference these when you create the policy.
of traffic on your network. A policy is a set of match objects, properties, and specific prevention
actions.When you create a policy, you first create a match object, then select and optionally
customize an action, then reference these when you create the policy.
In the Firewall > App Rules page, you can access the Policy Settings screen, shown below for
a Policy Type of SMTP Client. The screen changes depending on the Policy Type you select.
a Policy Type of SMTP Client. The screen changes depending on the Policy Type you select.
Some examples of policies include:
•
Block applications for activities such as gambling
•
Disable .exe and .vbs email attachments
•
Do not allow the Mozilla browser on outgoing HTTP connections
•
Do not allow outgoing email or MS Word attachments with the keywords “SonicWALL
Confidential”, except from the CEO and CFO
Confidential”, except from the CEO and CFO
•
Do not allow outgoing email that includes a graphic or watermark found in all confidential
documents
documents
When you create a policy, you select a policy type. Each policy type specifies the values or
value types that are valid for the source, destination, match object type, and action fields in the
policy. You can further define the policy to include or exclude specific users or groups, select a
schedule, turn on logging, and specify the connection side as well as basic or advanced
direction types. A basic direction type simply indicates inbound or outbound. An advanced
direction type allows zone to zone direction configuration, such as from the LAN to the WAN.
value types that are valid for the source, destination, match object type, and action fields in the
policy. You can further define the policy to include or exclude specific users or groups, select a
schedule, turn on logging, and specify the connection side as well as basic or advanced
direction types. A basic direction type simply indicates inbound or outbound. An advanced
direction type allows zone to zone direction configuration, such as from the LAN to the WAN.