UAG Series User’s Guide
376
CHAPTER 32
Application Patrol
32.1 Overview
Application patrol provides a convenient way to manage the use of various applications on the
network. It manages general protocols (for example, HTTP and FTP) and instant messenger (IM),
peer-to-peer (P2P), Voice over IP (VoIP), and streaming (RSTP) applications. You can even control
the use of a particular application’s individual features (like text messaging, voice, video
conferencing, and file transfers). You can also configure bandwidth management with application
patrol in the Configuration > BWM screen for traffic prioritization to enhance the performance of
delay-sensitive applications like voice and video.
32.1.1 What You Can Do in this Chapter
•Use the Profile summary screen (see Section 32.2 on page 377) to view application patrol
profiles configured on the UAG.
•Use the Profile Add/Edit screens (see Section 32.2.1 on page 378) to set actions for application
categories and for specific applications within the category.
32.1.2 What You Need to Know
If you want to use a service, make sure both the Security Policy and application patrol allow the
service’s packets to go through the UAG.
Note: The UAG checks secure policies before it checks application patrol rules for traffic
going through the UAG.
Application patrol examines every TCP and UDP connection passing through the UAG and identifies
what application is using the connection. Then, you can specify whether or not the UAG continues
to route the connection. Traffic not recognized by the application patrol signatures is ignored.
Application Profiles & Policies
An application patrol profile is a group of categories of application patrol signatures. For each
profile, you can specify the default action the UAG takes once a packet matches a signature
(forward, drop, or reject a service’s connections and/or create a log alert).
Use policies to link profiles to traffic flows based on criteria such as source zone, destination zone,
source address, destination address, schedule, user.
Classification of Applications
There are two ways the UAG can identify the application. The first is called auto. The UAG looks at
the IP payload (OSI level-7 inspection) and attempts to match it with known patterns for specific
To Next Page
Loading...
