The application behavior control function of the FW implements refined control over HTTP, FTP and IM behavior.
Traditional devices control HTTP and FTP behavior by protocol or port. However, the FW can implement more refined control over HTTP and FTP behavior. For example, you can disable FTP file upload and deletion, but enable FTP file download by configuring application behavior control. The FW also supports the control over QQ login behavior.
Table 1 describes the control options of application behavior control.
Type of Behavior |
Control Option |
Description |
Action |
|---|---|---|---|
HTTP behavior |
POST |
The POST method of HTTP is commonly used to send information to the server through web pages. For example, you are using this method when you post on BBS, submit forms, and use your user name and password to log in to a specific system. |
Permit/Deny |
Web browsing |
You can use a web browser to browse web pages. |
||
Internet access using a proxy |
You can use a proxy server to access specified websites. To implement this function, you must deploy the FW between the intranet and the proxy server. |
||
File upload |
- |
||
File download |
- |
||
Size of the posted content in HTTP POST operations (Alarming/Blocking Threshold) |
You can set alert threshold a and block threshold b to limit the size of the posted content if HTTP POST is allowed. |
Alert/Block |
|
Upload file size (Alarming/Blocking Threshold) |
You can set alert threshold a and block threshold b to limit the size of the upload file if file upload is allowed. |
||
Download file size (Alarming/Blocking Threshold) |
You can set alert threshold a and block threshold b to limit the size of the download file if file download is allowed. This control option is used to control file download through HTTP. However, dedicated download software such as BT and eMule selected on the file download page cannot be controlled. |
||
FTP behavior |
File upload |
- |
Permit/Deny |
File download |
- |
||
File deletion |
- |
||
Upload file size (Alarming/Blocking Threshold) |
You can set alert threshold a and block threshold b to limit the size of the upload file if file upload is allowed. |
Alert/Block |
|
Download file size (Alarming/Blocking Threshold) |
You can set alert threshold a and block threshold b to limit the size of the download file if file download is allowed. |
||
IM behavior |
QQ login |
You can set the blacklist, whitelist, default action for QQ accounts to control QQ login. The priorities of the whitelist, blacklist, and default action are in descending order. |
Permit/Deny |
a: When the size of the upload or download file or the size of the posted content hits the alert threshold, the system generates a log to notify the device administrator.
b: When the size of the upload or download file or the size of the posted content hits the block threshold, the system blocks the upload or download file or POST operation and generates a log to notify the device administrator.
When you create security policies, you can combine the application behavior control profile and objects such as the user and schedule to implement differentiated management of users in different schedules.