Policy Enforcement > Add Policy (Step 5: Specify Network Application Policy)
A brief description of the options on this screen is available below.
Application protocol detection—select this option to check endpoints for communication through certain protocols. You can use this option to regulate traffic on certain protocols.
Endpoint Action—select whether to monitor the endpoint as a noncompliant endpoint, drop the packet, or reject the packet. In contrast to dropping packets, wherein Network VirusWall Enforcer simply severs the connection, rejecting packets returns a RESET package to inform the source endpoint that the connection has been broken.
TCP ports—specify up to 64 individual TCP ports and port ranges to assess
UDP ports—specify up to 64 individual UDP ports and port ranges to assess
ICMP—select this to check for ICMP packets
Instant messaging detection—select this option to regulate instant messaging traffic.
Endpoint Action—select whether to monitor the endpoint as a noncompliant endpoint, drop the packet, or reject the packet. In contrast to dropping packets, wherein Network VirusWall Enforcer simply severs the connection, rejecting packets returns a RESET package to inform the source endpoint that the connection has been broken.
MSN—select to check MSN or Live Messenger traffic. You can choose to assess only file transfer activity or all activities.
Yahoo—select to check Yahoo! Messenger traffic. You can choose to assess only file transfer activity or all activities.
ICQ/AIM—select to check ICQ or AOL Instant Messenger (AIM) traffic. You can choose to assess only file transfer activity or all activities.
IRC—Select to assess all Internet Relay Chat (IRC) activity
File transfer detection—select this option to assess file transfer activity.
Endpoint Action—select whether to monitor the endpoint as a noncompliant endpoint, drop the packet, or reject the packet. In contrast to dropping packets, wherein Network VirusWall Enforcer simply severs the connection, rejecting packets returns a RESET package to inform the source endpoint that the connection has been broken.
Windows file transfer—select this option to assess CIFS and Samba protocol file transfers. Most of these file transfers occur when files are copied to and from shared folders.
HTTP file transfer—select this option to assess HTTP file transfers.
FTP file transfer—select this option to assess FTP file transfers.
Files to assess—specify which files to check, whether they are specific files or certain file types. You can add a maximum of 64 file names and each file name can be a maximum of 255 characters.
Exceptions—specify which files to check, whether they are specific files or certain file types. You can add a maximum of 64 file names and each file name can be a maximum of 255 characters.
Allow Control Manager to modify Network Application Policy settings when an outbreak occurs—select this option to allow Control Manager™ to temporarily modify the policy settings you have defined. This feature requires that the device is registered to a Control Manager server from the Preconfiguration console.
Send policy violation data to syslog—select this option to send a log entry to syslog whenever one of the assessment criteria returns a match.