•
Click OK to close the dialog
5.
Click OK
Finally, set the source network address object of
lan_to_wan_policy
so it has the same
authentication group name as the application rule.
1.
Go to: Objects > Address Book > Add > IP4 Address
2.
Select lan_to_wan_policy
3.
In User Auth Groups enter
rogue_users
4.
Click OK
Note that enabling No defined credentials in
lan_to_wan_policy
would also allow application
control to function.
Note: BitTorrent should include uTP
As seen in the above example, when application control is configured to target
BitTorrent, the two signatures
bittorrent
and
utp
should both be selected.
The Strict HTTP Setting
Many protocols that application control examines are built on top of the HTTP protocol. In some
cases where HTTP itself is being blocked by application control, a protocol built on HTTP may be
erroneously blocked as well. To try to resolve this problem, the
Strict HTTP
setting can be
disabled for the relevant
Application Rule Set
object. This will force application control to evaluate
the entire protocol structure before making a decision on the protocol type.
Changing the Maximum Unclassified Packets
The NetDefendOS application control subsystem processes a connection's data flow until it
decides if a connection is unclassifiable or not. The maximum amount of data processed to make
this decision is specified in NetDefendOS as both a number of packets and a number of bytes. By
default, these two values are:
•
Maximum Unclassifiable Packets:
5
•
Maximum Unclassifiable Bytes:
7500
When either of these values is reached, the unclassifiable decision is made. If the administrator
needs to increase the maximum amount of data processed because some protocols are being
incorrectly flagged as unclassifiable, then the values can be changed in one of two ways:
•
They can be changed globally in the NetDefendOS
Advanced Settings
.
•
The current global settings can be overridden for all rules in a rule set by selecting the
Use
Custom Limits
option for an
Application Rule Set
object.
Chapter 3: Fundamentals
258
Summary of Contents for NetDefendOS
Page 30: ...Figure 1 3 Packet Flow Schematic Part III Chapter 1 NetDefendOS Overview 30 ...
Page 32: ...Chapter 1 NetDefendOS Overview 32 ...
Page 144: ...Chapter 2 Management and Maintenance 144 ...
Page 284: ...Chapter 3 Fundamentals 284 ...
Page 392: ...Chapter 4 Routing 392 ...
Page 419: ... Host 2001 DB8 1 MAC 00 90 12 13 14 15 5 Click OK Chapter 5 DHCP Services 419 ...
Page 420: ...Chapter 5 DHCP Services 420 ...
Page 573: ...Chapter 6 Security Mechanisms 573 ...
Page 607: ...Chapter 7 Address Translation 607 ...
Page 666: ...Chapter 8 User Authentication 666 ...
Page 775: ...Chapter 9 VPN 775 ...
Page 819: ...Chapter 10 Traffic Management 819 ...
Page 842: ...Chapter 11 High Availability 842 ...
Page 866: ...Default Enabled Chapter 13 Advanced Settings 866 ...
Page 879: ...Chapter 13 Advanced Settings 879 ...