Enable Application Control in a Policy

You can enable Application Control and select the Application Control action to use when you edit a policy. You can also edit the Application Control action while you edit the policy.

When you edit an Application Control action from within a policy, the updated settings also apply to any other policy that uses the selected action.

To enable Application Control in the policy configuration:

  1. Select Firewall > Firewall Policies.
  2. Add or edit a policy.
  3. Select the Application Control tab.
  4. From the Application Control Action drop-down list, select the configured Application Control action to use for this policy.
    The Application Control Action Settings for the selected action appear in the Application Control tab.

  1. (Optional) Edit the Application Control settings for the selected action.
  2. Click Save.

If you enable Application Control for an HTTPS proxy policy, you must also enable deep inspection of HTTPS content in the HTTPS proxy action. This is required for Application Control to detect applications over an HTTPS connection. For more information, see HTTPS-Proxy: Content Inspection. Application Control scanning of HTTPS content is not supported on XTM 21, 21-W, 22, 22-W, 23, and 23-W devices.

You can also enable and configure Application Control for a policy in the Application Control configuration. For more information, see Configure Application Control for Policies.

When you enable Application Control for a policy, the XTM device always identifies and creates a log message for applications that are dropped due to an Application Control action. If you want the XTM device to create a log message for all identified applications, even those that are not dropped, you must enable logging in each policy that has Application Control enabled.

For information about how to enable logging in a policy, see Configure Logging and Notification for a Policy.

Give Us Feedback  •   Get Support  •   All Product Documentation  •   Knowledge Base