Application Control - Cipafilter Documentation

Manual - Application Control

The Application Control page is used to administer the filter's application firewall.  This feature works similarly to the standard Firewall, except that it can identify specific applications, protocols, and domains via deep packet inspection.  For example, it can detect HTTP traffic on non-standard ports, and can distinguish between multiple protocols using the same port.

The application firewall also (by default) extends the functionality of Automatic Blacklists to transparently intercepted traffic on non-HTTP(S) ports.  For instance, if a client is subject to the Chat blacklist, all traffic referencing the domain skype.com will be blocked, not just Web traffic.  Uncheck Apply group blacklists to non-Web traffic if you would like to disable this feature.  You can also exempt traffic to certain subnets from having this feature applied via the Destination-Based Exceptions table on the Web Filtering page.

Firewall rules are matched from top to bottom (like the Firewall page) and may be applied to both subnets and groups.  Rule conditions work like those described in the Bandwidth Control section below, except that instead of defining a Priority one defines an Action — either Ignore or Block .  Note that Block is only available for Domain and Application conditions — to block other traffic, please use the standard Firewall .


    • Related Articles

    • Manual - Bandwidth Control

      Bandwidth Control prevents heavy bandwidth users from consuming bandwidth capacity to the detriment of other activities on your network.  Three modes are available: Disabled , Automatic , and Advanced DPI . Disabled The Disabled control method ...
    • Manual

      This article provides links to the individual sections of the Cipafilter product manual.  A PDF of the Cipafilter product manual is attached to this article. Introduction Interface Conventions Installation Status Management Users Hot Spare ...
    • Manual - Introduction

      Cipafilter is a powerful routing platform capable of delivering an evolving tool set to protect your enterprise. Cipafilter's philosophy is to provide a cuing edge, well rounded, and aggressive network control solution to meet your current and future ...
    • Manual - Web Filtering

      The first thing to decide with regard to Web filtering is whether to run individual subnets in transparent or non-transparent (proxy server) mode. Transparent mode  — no client configuration is required, the Cipafilter simply intercepts all traffic ...
    • Manual - Firewall

      The Firewall feature provides a stateful firewall which tracks the state of connections routed through the filter, allowing one to easily and precisely restrict traffic. The default policy of a firewall determines whether it drops or accepts ...