< Home

Verification and Check

This section describes the verification and check operations after the application behavior control feature is configured.

Verification

After configuring the application behavior control feature, you can do as follows to check the configuration result:

  1. Check the application behavior control profile.

    Choose Object > Security Profiles > Application Behavior Control, click the name of the application behavior control profile to be checked, and verify that the parameter settings in the profile are correct.

  2. Check the security policy configuration.

    Choose Policy > Security Policy > Security Policy, click the name of the security policy to be checked, and verify that the content security part correctly references the application behavior control profile.

Viewing Logs

After referencing the application behavior control profile, the FW checks traffic that matches the security policy. When detecting HTTP, FTP or QQ login behavior, the FW takes the action specified in the application behavior control profile and generates a log.

Choose Monitor > Log > Content Log to view application behavior control logs.

The following table describes the meanings of each field.

Field

Description

View

Click . In View Content Log Details, the details of each field in a content log are displayed.

In View Content Log Details, click the Source Address/Destination Address/Source User/Application/Security policy/Profile field value. You can view and operate existing field settings.

Time

Time when a content log is generated

Type

Content log types:

  • File Blocking
  • Data Filtering
  • Application Behavior Control

File Name/File Type

Name and type of a file

Source Zone

Source security zone of traffic

Destination Zone

Destination security zone of traffic

Source Region

Source region of the traffic

Destination Region

Destination region of the traffic

Source Address

Source IP address of traffic

Source User

User who generates traffic

Destination Address

Destination IP address of traffic

Source Port/Destination Port

Source/Destination port of traffic

Application

Application type of traffic

Action

Action defined in the file blocking rule, data filtering rule, or application behavior control rule that traffic matches

Security policy

Security policy that traffic matches

Profile

Security profile that traffic matches

Virtual System

Virtual system that generates the traffic
Parent Topic: Configuring Application Behavior Control Using the Web UI
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic