SonicWALL 5.8.1 Microscope & Magnifier User Manual


  Open as PDF
of 1490
 
Verifying App Control Configuration
673
SonicOS 5.8.1 Administrator Guide
Step 5 In the Content text box, type the content to match and then click Add. Repeat this step until
you have added as many elements as you want.
For example, to match on a domain, select Partial
Match in the previous step and then type @
followed by the domain name in the Content field, for example, type: @sonicwall.com. To
match on an individual user, select Exact Match in the previous step and then type the full
email address in the Content field, for example: jsmith@sonicwall.com.
Alternatively, you can click Load From File to import a list of elements from a text file. Each
element in the file must be on a line by itself.
By defining an email address object with a list of users, you can use Application Control to
simulate groups.
Step 6 Click OK.
Verifying App Control Configuration
To verify your policy configuration, you can send some traffic that should match your policy.
You can use a network protocol analyzer such as Wireshark to view the packets. For
information about using Wireshark, see “Wireshark” on page 674.
Be sure to test for both included and excluded users and groups. You should also run tests
according to the schedule that you configured, to determine that the policy is in effect when you
want it to be. Check for log entries in the Log > View screen in the SonicOS user interface.
You can view tooltips on the Firewall > App Rules page when you hover your cursor over each
policy. The tooltips show details of the match objects and actions for the policy. Also, the bottom
of the page shows the number of policies defined, enabled, and the maximum number of
policies allowed.
Useful Tools
This section describes two software tools that can help you use Application Control to the fullest
extent. The following tools are described:
“Wireshark” on page 674
“Hex Editor” on page 676