SonicWALL 5.8.1 Microscope & Magnifier User Manual


  Open as PDF
of 1490
 
Application Control
634
SonicOS 5.8.1 Administrator Guide
Match Objects
Match objects represent the set of conditions which must be matched in order for actions to
take place. This includes the object type, the match type (exact, partial, prefix, or suffix), the
input representation (text or hexadecimal), and the actual content to match. Match objects were
referred to as application objects in previous releases.
Hexadecimal input representation is used to match binary content such as executable files,
while text input representation is used to match things like file or email content. You can also
use hexadecimal input representation for binary content found in a graphic image. Text input
representation could be used to match the same graphic if it contains a certain string in one of
its properties fields.
The maximum size for a match object is 8192 (8K) bytes. Because Application Control matches
data at wire speeds, match objects do not provide matching for regular expressions. You can
use a proxy server for this functionality.
The File Content match object type provides a way to match a pattern or keyword within a
compressed (zip/gzip) file. This type of match object can only be used with FTP Data Transfer,
HTTP Server, or SMTP Client policies.
The following table describes the supported match object types.
Object Type Description Match Types
Negative
Matching Extra Properties
ActiveX ClassID Class ID of an
Active-X
component. For
example, ClassID of
Gator Active-X
component is
“c1fb8842-5281-
45ce-a271-
8fd5f117ba5f”
Exact No None
Application
Category List
Allows specification
of application
categories, such as
Multimedia., P2P, or
Social Networking
N/A No None
Application List Allows specification
of individual
applications within
the application
category that you
select
N/A No None
Application
Signature List
Allows specification
of individual
signatures for the
application and
category that you
select
N/A No None
CFS Allow/
Forbidden List
Allows specification
of allowed and
forbidden domains
for Content Filtering
Exact, Partial,
Prefix, Suffix
No None