App Control Use Cases
SonicOS 5.8.1 Administrator Guide
Defining the Policy
After creating the match objects, you can define a policy that uses them. The image below
shows the other policy settings. As shown, this example is specific to reverse shells in both the
Policy Name and the Direction settings. As mentioned, it may also be tailored for a wider
scope by changing the Direction setting to Both and giving the policy a more generic name.
A log entry with a Category of Network Access is generated after a connection Reset/Drop. The
screenshot below shows the log entry, including the message stating that it is an Application
Control Alert and displaying the policy name:
As experience suggests, appropriate security measures include several layers of
intelligence, and no single approach can be considered a definitive defense against hostile
code.