Application Control actions
The first four actions are edited by right-clicking in the Action column of Application Overrides or Filter Overrides. The last action is accessed at the upper right-hand corner of the screen.
All five actions are also available options when you left click on the icon next to an item in Categories to produce a drop down menu.
Allow
This action allows the targeted traffic to continue on through the FortiGate.
Monitor
This action allows the targeted traffic to continue on through the FortiGate unit but logs the traffic for analysis.
Block
This action prevents all traffic from reaching the application and logs all occurrences.
Quarantine
This action allows you to quarantine or block access to an application for a specified duration that can be entered in days, hours, and minutes. The default is 5 minutes.
View Signatures / View Application Signatures
This option is in the upper-right hand corner of the screen OR when you left click on the icon next to an item in Categories to produce a drop down menu. A window opens that displays a list of the signatures with the following columns:
- Name
- Category
- Technology - Technology is broken down into 3 technology models as well as the more basic Network-Protocol which would can be used as a catch all for anything not covered by the more narrowly defined technologies of:
- Browser-Based
- Client-Server
- Peer-to-Peer
- Popularity - Popularity is broken down into 5 levels of popularity represented by stars.
- Risk - The risk property does not indicate the level of risk but the type of impact that is likely to occur by allowing the traffic from that application to occur.
Resetting the Network in CLI
Through the CLI command set action {pass | block | reset}
, you can also reset the network connection if traffic matches the specified application(s) on the application control list. The default of this command is block
.
CLI Syntax
config application list
edit default
config entries
edit 1
set action reset
end
end
Traffic Shaping
Prior to the release of FortiOS 5.4.0, application control traffic shaping was configured in the Security Profiles > Application Control interface. There is now a specific section for traffic shaping policies in Policy & Objects > Traffic Shaping Policy. See Traffic shaping methods in the chapter on Traffic Shaping for details.