Security Services
Configuring Application Control
Cisco ISA500 Series Integrated Security Appliances Administration Guide 314
7
Application: The name of the application.
Action: Choose Permit to permit traffic for the application or choose Deny
to block traffic for the application.
Logging: Choose Enable to log the event when an application is blocked, or
choose Disable to disable the logging function.
To log application blocking events, you must first enable the logging settings
for the applications, and then go to the Device Management > Logs pages to
configure the log settings and the log facilities. See Log Management,
page 442.
Configure feature-specific access control: For some applications, you can
permit or block certain features or functions of the application. For example,
for the Google Talk application, you can permit the chat function but block the
media transfer function. Check this box and then specify the action for each
feature or function of the application.
NOTE: When the action for a specified feature or function is set to “Deny,” that
feature or function will no longer work.
STEP 3 Click OK to save your settings.
General Application Control Settings
Use the Application Control Settings page to enable the Application Control
feature, apply the application control policies to different zones, and update the
application signature database.
Important Tips:
Be aware that the Cisco ISA500 can control access only for the traffic that it
handles. For example, if a PC and a server are directly connected to the
LAN ports of the Cisco ISA500, Application Control policies apply to the
traffic between these devices. However, if a switch is uplinked to the
Cisco ISA500, the security appliance does not handle the traffic through the
ports of that switch and therefore the Application Control policies do not
apply.
You must update the application signatures frequently so that Application
Control can identify the latest applications.
Refer to the following topics: