Filter
Top Products
Application Control
639
SonicOS 5.8.1 Administrator Guide
You can use the Load From File button to import content from predefined text files that contain
multiple entries for a match object to match. Each entry in the file must be on its own line. The
Load From File feature allows you to easily move Application Control settings from one
SonicWALL security appliance to another.
Multiple entries, either from a text file or entered manually, are displayed in the List area. List
entries are matched using the logical OR, so if any item in the list is matched, the action for the
policy is executed.
A match object can include a total of no more than 8000 characters. If each element within a
match object contains approximately 30 characters, then you can enter about 260 elements.
The maximum element size is 8000 bytes.
Negative Matching
Negative matching provides an alternate way to specify which content to block. You can enable
negative matching in a match object when you want to block everything except a particular type
of content. When you use the object in a policy, the policy will execute actions based on
absence of the content specified in the match object. Multiple list entries in a negative matching
object are matched using the logical AND, meaning that the policy action is executed only when
all specified negative matching entries are matched.
Although all App Rules policies are DENY policies, you can simulate an ALLOW policy by using
negative matching. For instance, you can allow email .txt attachments and block attachments
of all other file types. Or you can allow a few types, and block all others.
Not all match object types can utilize negative matching. For those that can, you will see the
Enable Negative Matching checkbox on the Match Object Settings screen.