Blocking high-risk applications
To guard their networks against malware, many organizations need to control access to applications that are considered high risk. You can create policies to restrict traffic to all applications categorized as high risk. When the application signature database is updated, new applications are automatically added to application filters and firewall rules. For example, if a new signature is added for a high-risk application and there is already an application filter that blocks all high-risk applications, the new application will be blocked.
Objectives
When you complete this unit, you’ll know how to do the following:- Create an application filter policy to block traffic for high risk applications.
- Create a firewall rule and add the policy.
Create an application filter policy
Create an application filter policy that blocks all high-risk applications.
-
In the list of application filters, locate the filter you just added and click
.
-
Click Add.
-
From the Risk filter, select High and Very High, and click
OK.
Create a firewall rule and apply the policy
The application filter policy takes effect when you add it to a firewall rule. In this case, the rule blocks access to all high-risk applications for all users.
-
Go to Firewall and
click .
-
Scroll to the Advanced section and select the Block_High_Risk_Apps policy.
