Security Services
Configuring Application Control
Cisco ISA500 Series Integrated Security Appliances Administration Guide 310
7
Use the Application Control Policies page to configure the application control
policies. An application control policy allows you to permit or block traffic for the
applications by schedule.
Important Tips:
• Be aware that the Cisco ISA500 can control access only for the traffic that it
handles. For example, if a PC and a server are directly connected to the
LAN ports of the Cisco ISA500, Application Control policies apply to the
traffic between these devices. However, if a switch is uplinked to the
Cisco ISA500, the security appliance does not handle the traffic through the
ports of that switch and therefore the Application Control policies do not
apply.
• Application Control uses signatures to identify and block the applications.
You must update the application signatures frequently so that Application
Control can identify the latest applications. See Updating Application
Signature Database, page 317.
Refer to the foll owing to pics:
•General Application Control Policy Settings, page 310
•Adding an Application Control Policy, page 311
•Permitting or Blocking Traffic for all Applications in a Category,
page 312
•Permitting or Blocking Traffic for an Application, page 313
General Application Control Policy Settings
STEP 1 Click Se curity Services > Application Control > Application Control Policies.
STEP 2 You can perform the following actions:
•Click Add Policy to add a new application control policy. See Adding an
Application Control Policy, page 311.
•Click the Edit (pencil) icon to edit an existing application c ontrol policy.
•Click the Duplicate icon to create a copy of an existing application control
policy. This feature allows you to make a minor change for an existing
application control policy to create a new policy.