Amer Networks E5Web GUI User Manual
Page 209
Name=Allow_Comp
InControl
Follow the same steps used for the Web Interface below.
Web Interface
1.
Go to: Policies > Add > IPRule
2.
Specify a suitable name for the rule, in this case Allow_Comp
3.
Now enter:
•
Action: Allow
•
Service: all_services
•
Source Interface: lan
•
Source Network: lan_net
•
Destination Interface: all
•
Destination Network: all-nets
4.
Go to the Application Control tab and enter the following:
•
Application Control: Enable
•
Use Manual Configuration: Enable
•
Application Action: Deny
•
Using the Add button, select yahoo_groups and google_groups from the application
definitions.
5.
Click OK
Using an Application Rule Set
As described previously, another, recommended way of controlling applications is to create an
Application Rule Set and associate this with an IP rule or IP Policy.
An Application Rule Set will contain one or more Application Rule objects which define an
application and what actions are to be taken when the application is recognized.
An application rule set has a Default Action which is either Allow or Deny. If the action is set to
Allow, everything is allowed unless it is specifically denied by a rule. If set to Deny, everything is
denied unless it is specifically allowed by a rule.
Using application rule sets allows not only data for a certain application to be allowed or denied
but also the following additional controls:
•
Authentication Settings
For an Allow rule, the requesting client is only permitted the connection if they have already
Chapter 3: Fundamentals
209