Filter
Top Products
Firewall > App Rules
662
SonicOS 5.8.1 Administrator Guide
Step 10 For Users/Groups, select from the drop-down lists for both Included and Excluded. The
selected users or group under Excluded will not be affected by the policy.
Step 11 If the policy type is SMTP Client, select from the drop-down lists for MAIL FROM and RCPT
TO, for both Included and Excluded. The selected users or group under Excluded will not be
affected by the policy.
Step 12 For Schedule, select from the drop-down list. The list provides a variety of schedules for the
policy to be in effect.
Step 13 If you want the policy to create a log entry when a match is found, select the Enable Logging
checkbox.
Step 14 To record more details in the log, select the Log individual object content checkbox.
Step 15 If the policy type is IPS Content, select the Log using IPS message format checkbox to
display the category in the log entry as “Intrusion Prevention” rather than “Application Control”,
and to use a prefix such as “IPS Detection Alert” in the log message rather than “Application
Control Alert.” This is useful if you want to use log filters to search for IPS alerts.
Step 16 If the policy type is App Control Content, select the Log using App Control message format
checkbox to display the category in the log entry as “Application Control”, and to use a prefix
such as “Application Control Detection Alert” in the log message. This is useful if you want to
use log filters to search for Application Control alerts.
Step 17 If the policy type is CFS, select the Log using CFS message format checkbox to display the
category in the log entry as “Network Access”, and to use a log message such as “Web site
access denied” in the log message rather than no prefix. This is useful if you want to use log
filters to search for content filtering alerts.
Step 18 For Log Redundancy Filter, you can either select Global Settings to use the global value set
on the Firewall > App Rules page, or you can enter a number of seconds to delay between
each log entry for this policy. The local setting overrides the global setting only for this policy;
other policies are not affected.
Step 19 For Connection Side, select from the drop-down list. The available choices depend on the
policy type and can include Client Side, Server Side, or Both, referring to the side where the
traffic originates. IPS Content, App Control Content, or CFS policy types do not provide this
configuration option.
Step 20 For Direction, click either Basic or Advanced and select a direction from the drop-down list.
Basic allows you to select incoming, outgoing, or both. Advanced allows you to select between
zones, such as LAN to WAN. IPS Content, App Control Content, or CFS policy types do not
provide this configuration option.
Step 21 If the policy type is IPS Content, App Control Content, or CFS, select a zone from the Zone
drop-down list. The policy will be applied to this zone.
Step 22 If the policy type is CFS, select an entry from the CFS Allow List drop-down list. The list
contains any defined CFS Allow/Forbidden List type of match objects, and also provides
None as a selection. The domains in the selected entry will not be affected by the policy.
Step 23 If the policy type is CFS, select an entry from the CFS Forbidden List drop-down list. The list
contains any defined CFS Allow/Forbidden List type of match objects, and also provides
None as a selection. The domains in the selected entry will be denied access to matching
content, instead of having the defined action applied.
Step 24 If the policy type is CFS, select the Enable Safe Search Enforcement checkbox to prevent
safe search enforcement from being disabled on search engines such as Google, Yahoo, Bing,
and others.
Step 25 Click OK.