Cipafilter Documentation - Application Control

Manual - Application Control

The Application Control page is used to administer the filter's application firewall.  This feature works similarly to the standard Firewall, except that it can identify specific applications, protocols, and domains via deep packet inspection.  For example, it can detect HTTP traffic on non-standard ports, and can distinguish between multiple protocols using the same port.

The application firewall also (by default) extends the functionality of Automatic Blacklists to transparently intercepted traffic on non-HTTP(S) ports.  For instance, if a client is subject to the Chat blacklist, all traffic referencing the domain skype.com will be blocked, not just Web traffic.  Uncheck Apply group blacklists to non-Web traffic if you would like to disable this feature.  You can also exempt traffic to certain subnets from having this feature applied via the Destination-Based Exceptions table on the Web Filtering page.

Firewall rules are matched from top to bottom (like the Firewall page) and may be applied to both subnets and groups.  Rule conditions work like those described in the Bandwidth Control section below, except that instead of defining a Priority one defines an Action — either Ignore or Block .  Note that Block is only available for Domain and Application conditions — to block other traffic, please use the standard Firewall .

    • Related Articles

    • Manual - Bandwidth Control

      Bandwidth Control prevents heavy bandwidth users from consuming bandwidth capacity to the detriment of other activities on your network.  Three modes are available: Disabled, Automatic, and Advanced DPI. Disabled The Disabled control method disables ...
    • Manual

      This article provides links to the individual sections of the Cipafilter product manual.  A PDF of the Cipafilter product manual is attached to this article. Introduction Interface Conventions Installation Status Management Users Hot Spare ...
    • Manual - Web Filtering

      The first thing to decide with regard to Web filtering is whether to run individual subnets in transparent or non-transparent (proxy server) mode. Transparent mode  — no client configuration is required, the Cipafilter simply intercepts all traffic ...
    • Manual - Introduction

      Cipafilter is a powerful routing platform capable of delivering an evolving tool set to protect your enterprise. Cipafilter's philosophy is to provide a cuing edge, well rounded, and aggressive network control solution to meet your current and future ...
    • Manual - Group Permissions

      Permissions for groups of users are managed here. Each group has individual settings for the different filtering technologies available, as well as a separate whitelist and blacklist. On this page, you can also edit the global whitelist and blacklist ...