Application Control is a subscription service that enables you to monitor and control the use of applications on your network. Application Control uses over 1800 signatures that can identify and block over 1000 applications. In the Application Control action, you select the applications by name, and choose to block or allow traffic for each application or application category. Then you apply the Application Control action to the applicable policy. You do not need to create or maintain your own custom rules to identify applications. The Application Control service provides frequent updates to application signatures to keep the protection current.
You can use Application Control to block the usage of specific applications, and you can report on application use and use attempts. For some applications, you can block specific application behaviors, such as file transfer.
Application Control Deny Message
When Application Control blocks HTTP content that matches an Application Control action, the user who requested the content sees an Application Control deny message in the browser. The deny message says that the content was blocked because the application was not allowed. The message is not configurable. When Application Control blocks HTTPS content, the Application Control deny message appears in the browser only if the application was blocked before the application sent a response to the browser.
Add the Application Control Upgrade
To enable Application Control on your Firebox, you must:
- Get a Firebox Feature Key
- Manually Add or Remove a Feature Key
- Configure Application Control Actions
Keep Application Control Signatures Updated
New applications appear on the Internet frequently. To make sure that Application Control can recognize the latest applications, you must update the signatures frequently. You can configure the Firebox to update the signatures automatically from WatchGuard, as described in Configure the Application Control Update Server.