Application Control
Application control statistics
FortiGate Version 4.0 Administration Guide
01-400-89802-20090424
527
•
In addition to these option, some IM applications and VoIP protocols have additional
options:
Application control statistics
The FortiGate unit maintains statistics on selected IM and P2P applications, and VoIP
protocols. You can use these statistics to gain insight into how the protocols are being
used within your network. To view these statistics, go to
UTM > Application Control >
Statistics
.
Session TTL
The application’s session TTL. If this option is not enabled, the TTL
defaults to the setting of the
config system session-ttl
CLI
command.
Enable Logging
When enabled, the FortiGate unit will log the occurrence and the
action taken if traffic from the specified application is detected.
IM options
Block Login
Select to prevent users from logging in to the selected IM system.
Block File Transfers
Select to prevent the sending and receiving of files using the selected
IM system.
Block Audio
Select to prevent audio communication using the selected IM system.
Inspect Non-standard
Port
Select to allow the FortiGate unit to examine non-standard ports for
the IM client traffic.
Display content meta-
information on the
system dashboard
Select to include meta-information detected for the IM system on the
FortiGate unit dashboard.
VoIP options
Limit Call Setup
Enter the maximum number of calls each client can set up per minute.
Limit REGISTER
request
Enter the maximum number of register requests per second allowed
for the firewall policy.
Limit INVITE request
Enter the maximum number of invite requests per second allowed for
the firewall policy.
Enable Logging of
Violations
Select to enable logging of violations.
Other options
Command
Some of traffic types include a command option. Specify a command
that appears in the traffic that you want to block or pass.
For example, enter
GET
as a command in the
FTP.Command
application to have the FortiGate unit examine FTP traffic for the GET
command. Multiple commands can be entered.
Method
A method option is available for HTTP, RTSP, and SIP protocols.
Specify a method that appears in the traffic that you want to block or
pass.
For example, enter
POST
as a method in the
HTTP.Method
application
to have the FortiGate unit examine HTTP traffic for the POST method.
Multiple methods can be entered.
Program Number
Enter the program number appearing in Sun Remote Procedure Calls
(RPC) that you want to block or pass. Multiple program numbers can
be entered.
UUID
Enter the UUID appearing in Microsoft Remote Procedure Calls
(MSRPC) that you want to block or pass. Multiple UUIDs can be
entered.
Summary of Contents for Gate 60D
Page 705: ...www fortinet com...
Page 706: ...www fortinet com...