Application Control Application control statistics
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424 527
http://docs.fortinet.com/ • Feedback
In addition to these option, some IM applications and VoIP protocols have additional
options:
Application control statistics
The FortiGate unit maintains statistics on selected IM and P2P applications, and VoIP
protocols. You can use these statistics to gain insight into how the protocols are being
used within your network. To view these statistics, go to UTM > Application Control >
Statistics.
Session TTL The application’s session TTL. If this option is not enabled, the TTL
defaults to the setting of the config system session-ttl CLI
command.
Enable Logging When enabled, the FortiGate unit will log the occurrence and the
action taken if traffic from the specified application is detected.
IM options
Block Login Select to prevent users from logging in to the selected IM system.
Block File Transfers Select to prevent the sending and receiving of files using the selected
IM system.
Block Audio Select to prevent audio communication using the selected IM system.
Inspect Non-standard
Port
Select to allow the FortiGate unit to examine non-standard ports for
the IM client traffic.
Display content meta-
information on the
system dashboard
Select to include meta-information detected for the IM system on the
FortiGate unit dashboard.
VoIP options
Limit Call Setup Enter the maximum number of calls each client can set up per minute.
Limit REGISTER
request
Enter the maximum number of register requests per second allowed
for the firewall policy.
Limit INVITE request Enter the maximum number of invite requests per second allowed for
the firewall policy.
Enable Logging of
Violations
Select to enable logging of violations.
Other options
Command Some of traffic types include a command option. Specify a command
that appears in the traffic that you want to block or pass.
For example, enter GET as a command in the FTP.Command
application to have the FortiGate unit examine FTP traffic for the GET
command. Multiple commands can be entered.
Method A method option is available for HTTP, RTSP, and SIP protocols.
Specify a method that appears in the traffic that you want to block or
pass.
For example, enter POST as a method in the HTTP.Method application
to have the FortiGate unit examine HTTP traffic for the POST method.
Multiple methods can be entered.
Program Number Enter the program number appearing in Sun Remote Procedure Calls
(RPC) that you want to block or pass. Multiple program numbers can
be entered.
UUID Enter the UUID appearing in Microsoft Remote Procedure Calls
(MSRPC) that you want to block or pass. Multiple UUIDs can be
entered.
To Next Page
Loading...