Application Aware Firewalling from SonicWALL
SonicWALL announced the introduction of Application Aware Firewalling for all next generation SonicWALL NSA firewalls. This advancement identifies and classifies applications, provides visibility into user specific application and content access, and automates the appropriate response to any risk, vastly improving the policy control and compliance of today’s networks.
Key features include:
Application Bandwidth Management: Allows administrators to control how bandwidth is allocated based on the application in use. This control provides the choice of blocking the application, limiting the bandwidth that the application can use or guaranteeing a committed amount of bandwidth. In addition, bandwidth management policy rules can be applied based on time and date, and by user or group. Examples include limiting the bandwidth for streaming video and audio applications during the work-day or ensuring that specific users of a cloud-based sales productivity application get the bandwidth they need at the end of quarter.
Application Identification, Blocking and Notification: Administrators can now easily identify specific applications, block their use, and then automatically notify the user as to why the application was blocked. For example, an organization may wish to detect and control a single or group of applications which operate on a variety of ports open through the firewall. The Application Firewall can detect attempted use of these applications, block their use and then automatically notify the end-user with an appropriate message. This enforces acceptable use policies while increasing employee and network resource productivity. In addition, the administrator can choose to apply such policies to a group of applications. They can create their own group or use a SonicWALL defined group of applications (i.e. Peer-to-Peer), with the application signatures of the SonicWALL defined groups regularly and automatically updated by SonicWALL. The use of SonicWALL defined groups saves time in creating and maintaining application identification and enforcement policies.
Data Awareness and Control: The Application Firewall also can analyze data, including FTP file transfers, e-mail attachments and e-mail, and browser-based content. Policy rules can be implemented to identify specific content and take appropriate action. Examples include blocking outbound web-based e-mail which contains the phrase “company confidential” or notifying IT when FTP files are transferred which contain specific project names. Notifications to the sender can be automatically generated if desired and rules can be applied based on date, time, users/groups and more.