The FW uses four attributes (category, subcategory, flag, data transmission model, and risk level) to describe an application. Attributes can be used to filter out or understand an application.
The FW divides applications into the following categories and subcategories:
Category |
Subcategory |
Subcategory Description |
|---|---|---|
General |
Other |
NOTE:
The subcategory has been abandoned but is reserved to make the version compatible with earlier ones. You are not advised to add user-defined applications to this subcategory. |
General_UDP |
General_UDP |
|
General_TCP |
General_TCP |
|
Network |
Network_Admin |
SNMP, DNS, DHCP |
Security_Risk |
NOTE:
The subcategory has been abandoned but is reserved to make the version compatible with earlier ones. You are not advised to add user-defined applications to this subcategory. |
|
Proxy |
Stunnel_Control, HTTP_Proxy, Web_Proxy |
|
Ip_Protocol |
BGP, RIPng |
|
Infrastructure |
FTP, HTTP, SSL |
|
Encrypted_Tunnel |
OpenVPN, L2TP, IKEv2 |
|
General_Internet |
Map_GPS |
Google_Earth, BaiDuMap, Google_Map |
Cloud_Notes |
Yahoo_Notepad, DouBan_MicroAPP_Note, YouDaoNote |
|
Resource_Library |
Filestube, Bitche, Trilix |
|
Photo_Sharing |
Facebook_Photos, iDaily, Instagram |
|
Internet_Reading |
QQReader, Byread, TianYiRead |
|
AppStore |
AppStore, WanDouJia, HiMarket |
|
Network_Storage |
Clubbox, SkyDrive, BaiDu_disk |
|
FileShare_P2P |
BT, Thunder, eDonkey_eMule |
|
Web_Browsing |
Daum_Web, BaiDuBaiKe, Gopher |
|
Web_Crawler |
WebReaper, WikiReader, AbachoBot |
|
Utility |
Google_Translate, IOS_PushMessage, Sogou_PinYin |
|
Software_Update |
WindowsUpdate, SymantecLiveUpdate, 360Update |
|
Search_Engines |
BaiDuZhiDao, Google, bing.com |
|
IM_File_Transfer |
MSN_FileTransfer, QQ_FileTransfer, ICQ_FileTransfer |
|
File_Sharing |
QQDataBackup, GetGoDownloadManager, FileDownloader |
|
Browser_Plugin |
OperaMini, UCWeb, OperaMobile |
|
Entertainment |
Live_Streaming |
DouYuTV, InKe, ZhangyuTV |
Personals_Dating |
ShiJiJiaYuan, BaiHeWang, ZhenAiWang |
|
Press_Media |
CBS, BaiDuNews, TencentNews |
|
Online_Media |
TuDou, Hulu, SonyTV |
|
Peercasting |
XunLeiKanKan, StormBox, QQLive |
|
Blog_Microblog |
Twitter, Sina_WeiBo, Tencent_WeiBo |
|
RSS_Feed |
Noopod, EventBox, FeedBlitz |
|
Forum_Community |
GFan, BaiDuTieBa, TianYa |
|
VoIP |
QQ_VoIP, Skype_VoIP, Viber_VoIP |
|
Social_Networks |
Facebook, Myspace, Hyves |
|
Wireless |
NOTE:
The subcategory has been abandoned but is reserved to make the version compatible with earlier ones. You are not advised to add user-defined applications to this subcategory. |
|
Media_Sharing |
Joy.cn, HTTP_Streaming, Mail.ru_Video |
|
Instant_Message |
WeiXin_IM, QQ_IM, Facebook_Messages |
|
Game |
CallOfDuty, Woool, CS |
|
Business_Systems |
Video_Surveillance |
DaHua_IPCamera, Hikvision_IPCamera, Uniview_IPCamera |
Industrial |
DNP3, IEC60870-5-104, Modbus |
|
E_Government |
kipo.go.kr, socrata.com, energylabel.gov.cn |
|
Wealth_Investment |
FinChina_DZH, THS_Stock_Quotation, TongDaXin |
|
Life_Services |
GanJi, BaiDuLvYou, Ctrip |
|
CloudService |
Amazon_AWS, Microsoft_Azure, Oracle_Cloud |
|
WebMail |
NOTE:
The subcategory has been abandoned but is reserved to make the version compatible with earlier ones. You are not advised to add user-defined applications to this subcategory. |
|
File_Access |
TortoiseSVN, Net2FTP, CVS |
|
Electronic_Business |
TaoBao, DangDang, JD |
|
Remote_Desktop |
Radmin, Citrix, PcAnywhere |
|
Remote_Access |
RTelnet, Telnet, SSH |
|
Internet_Conferencing |
CU_SeeMe, WebEX, SightSpeed |
|
Enterprise_Application |
HuaWeiNetStream, Salesforce, Google_Docs |
|
WebMail_QQ, WebMail_GMail, WebMail_Netease |
||
Database |
IBM_DB2, Oracle_RDBMS, CDDB |
|
Data_Backup |
Rsync, NDMP, Mozy |
|
Finance |
WebBank_BOC, WebBank_ABC, WebBank_CCB |
|
Auth_Service |
TACACS+, RADIUS, Diameter |
Label is used to describe the features of the applications. The label can be divided into 4 dimensions.
Label Dimension |
Label Name |
|---|---|
Other-Dimension |
Database, Business-Applications |
Technology-Dimension |
Mobile-Supported, Cloud-Based, Encrypted-Communications, P2P-Based, HTTP-Based |
Function-Dimension |
Network-Storage, Social-Applications, Plays-Game, Browses-Web, Speech, Sends-Mail, Supports-IM, Supports-Video, Supports-VoIP, Supports-File-Transfer |
Risk-Dimension |
Tunneling, Evasive, Bandwidth-Consuming, Data-Loss, Productivity-Loss, Malware-Vehicle, Exploitable |
The FW divides applications into the following types by data transmission model:
Item |
Description |
|---|---|
client-server |
Client-server applications, such as some client games. |
browser-based |
Web browser applications, such as some web games. |
networking |
Networking applications, such as HTTP and HTTPS. |
peer-to-peer |
Peer-to-peer applications, such as Thunder and BT. |
unassigned |
Applications for which the data transmission model is not specified. |
The FW classifies applications into five categories based on the risk level (ranging from 1 to 5). Applications with a larger value bring about higher risks. The system calculates the risk level of an application based on the application features. The FW calculates the risk level by the following features.
Feature |
Description |
|---|---|
Exploitable |
The application has known vulnerabilities. You can check the vulnerabilities on vulnerability release website http://cve.mitre.org/. |
Productivity-loss |
The application is used for entertainment, news, and videos, decreasing employee productivity. |
Evasive |
The application is used to evade the original purpose and traverse the FW, for example, a proxy or proxy software. |
Data-loss |
The application is used for transferring files and uploading texts. Using such applications may cause information leaks. |
Malware-vehicle |
A known malware uses the application to transmit the malware or attacks or listens data, or the application and the malware are transmitted together. |
Bandwidth-consuming |
The application consumes large bandwidths, for example, Thunder and BT. |