Application Control
620
SonicOS 5.8.1 Administrator Guide
• Administrators can use the Create Rule button to quickly apply bandwidth management or
packet monitoring to an application that they notice while viewing the App Flow Monitor
page, or can completely block the application.
• Administrators can configure policy settings for individual signatures without influencing
other signatures of the same application.
• Application Control configuration screens are available in the Firewall menu in the SonicOS
management interface, consolidating all Firewall and Application Control access rules and
policies in the same area.
Application Control functionality can be compared to three main categories of products:
• Standalone proxy appliances
• Application proxies integrated into firewall VPN appliances
• Standalone IPS appliances with custom signature support
Standalone proxy appliances are typically designed to provide granular access control for a
specific protocol. SonicWALL Application Control provides granular, application level access
control across multiple protocols, including HTTP, FTP, SMTP, and POP3. Because
Application Control runs on your SonicWALL firewall, you can use it to control both inbound and
outbound traffic, unlike a dedicated proxy appliance that is typically deployed in only one
direction. Application Control provides better performance and scalability than a dedicated
proxy appliance because it is based on SonicWALL’s proprietary Deep Packet Inspection
technology.
Today’s integrated application proxies do not provide granular, application level access control,
application layer bandwidth management, and digital rights management functionality. As with
dedicated proxy appliances, SonicWALL Application Control provides much higher
performance and far greater scalability than integrated application proxy solutions.
While some standalone IPS appliances provide protocol decoding support, none of these
products supports granular, application level access control, application layer bandwidth
management, and digital rights management functionality.
In comparing Application Control to SonicWALL Email Security, there are benefits to using
either. Email Security only works with SMTP, but it has a very rich policy space. Application
Control works with SMTP, POP3, HTTP, FTP and other protocols, is integrated into SonicOS
on the firewall, and has higher performance than Email Security. However, Application Control
does not offer all the policy options for SMTP that are provided by Email Security.
How Does Application Control Work?
Application Control utilizes SonicOS Deep Packet Inspection to scan application layer network
traffic as it passes through the gateway and locate content that matches configured
applications. When a match is found, Application Control performs the configured action. When you
configure App Control policies, you create global rules that define whether to block or log the
application, which users, groups, or IP address ranges to include or exclude, and a schedule
for enforcement. Additionally, you can create App Rules policies that define the type of
applications to scan, the direction, the content or keywords to match, optionally the user or
domain to match, and the action to perform.
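The policy components listed above can be pictured as a small rule evaluator. The following is an added example, not SonicOS code or configuration: the field names, the first-match ordering, and the rule that an exclusion overrides an inclusion are assumptions made for illustration, and the policy and flow are constructed samples.

```python
from dataclasses import dataclass
from datetime import time

@dataclass(frozen=True)
class AppRule:
    # Conceptual model only; field names are assumptions, not SonicOS settings.
    name: str
    protocol: str            # type of application to scan, e.g. "SMTP"
    direction: str           # "inbound", "outbound" or "both"
    keywords: tuple          # content or keywords to match
    action: str              # action to perform, e.g. "block" or "log"
    included: frozenset = frozenset()   # empty set means all users
    excluded: frozenset = frozenset()
    start: time = time(0, 0)            # enforcement schedule (same-day window)
    end: time = time(23, 59, 59)

    def matches(self, flow):
        if flow["protocol"] != self.protocol:
            return False
        if self.direction not in ("both", flow["direction"]):
            return False
        if not self.start <= flow["when"] <= self.end:
            return False
        # Assumption: an exclusion wins over an inclusion.
        if flow["user"] in self.excluded:
            return False
        if self.included and flow["user"] not in self.included:
            return False
        payload = flow["payload"].lower()
        return any(k.lower() in payload for k in self.keywords)

def evaluate(rules, flow):
    # Assumption: the first matching rule decides; no match means allow.
    for rule in rules:
        if rule.matches(flow):
            return rule.action, rule.name
    return "allow", None

# Constructed policy and flow, for illustration only.
RULES = [
    AppRule("smtp-out-keywords", "SMTP", "outbound", ("confidential",), "block",
            excluded=frozenset({"legal"}), start=time(8, 0), end=time(18, 0)),
    AppRule("ftp-log", "FTP", "both", ("put ",), "log"),
]
SAMPLE = {"protocol": "SMTP", "direction": "outbound", "user": "alice",
          "when": time(10, 30), "payload": "Subject: CONFIDENTIAL roadmap"}

if __name__ == "__main__":
    print(evaluate(RULES, SAMPLE))  # ('block', 'smtp-out-keywords')
```

Changing the user to an excluded one, reversing the direction, or moving the timestamp outside the schedule each turns the same message into an allowed flow, which is a quick way to review a policy's scope before enforcing it.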
The following sections describe the main components of Application Control:
• “Actions Using Bandwidth Management” on page 621
• “Actions Using Packet Monitoring” on page 626
• “Create Rule from App Flow Monitor” on page 627
• “App Control Advanced Policy Creation” on page 629