Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
User1234
Contributor

Enable Protocol Signature by default

Jump to solution
Hi! (I hope this is the correct board) Concerning Firewalling (Mgmt/GW) I want to enable protocol signatures (AppCtrl) in all services by default, without the need to manually override each service and check the box in the advanced section. Is this possible at all? #Quantum
0 Kudos
1 Solution

Accepted Solutions
Timothy_Hall
Champion
Champion

Doesn't seem to be possible from what I can tell, I poked around in the GUIdbedit objects_5_0.C settings and the $FWDIR/lib/*.def files and didn't see any kind of property setting that controls this behavior.

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at http://www.maxpowerfirewalls.com

View solution in original post

7 Replies
_Val_
Admin
Admin

Can you elaborate please? What are you trying to achieve?

0 Kudos
User1234
Contributor

I am trying to enable AppCtrl on our GWs. This is done by activating the blade activating the protocol signature in the respective services, that are used in the access layer. Unfortunately the protocol signature check is disabled by default in any service and must be activated manually. I want to activate it by default, so any service has the box check automatically.

0 Kudos
_Val_
Admin
Admin

I think you misunderstand what Application Control is, and how it is intended to work.

There are services, and there are applications. You can use both in the rulebase. Maybe start with sk112249 and Admin manuals.

0 Kudos
Timothy_Hall
Champion
Champion

The R80+ Protocol Signature & Protocol settings on the service objects are the source of a lot of confusion but as Val said is mostly separate from Application Control.  Understanding the ramifications of enabling the Protocol Signature setting beforehand is highly advisable.  This seems to be one area that does not have a lot of documentation, so I took my best shot at trying to explain it in my unpublished "APCL/URLF Immersion" class for a private customer.  Whether I did a good job or not is left as an exercise for the reader, see below.  😀

proto1.pngproto2.pngproto3.pngproto4.jpgproto5.pngproto6.png

 

 

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at http://www.maxpowerfirewalls.com
User1234
Contributor

Thanks for the explanation. So is there a way to enable the protocol signature check by default on any supporting protocols/services/whatever-you-may-name-them?

0 Kudos
Timothy_Hall
Champion
Champion

Doesn't seem to be possible from what I can tell, I poked around in the GUIdbedit objects_5_0.C settings and the $FWDIR/lib/*.def files and didn't see any kind of property setting that controls this behavior.

New 2021 IPS/AV/ABOT Immersion Self-Guided Video Series
now available at http://www.maxpowerfirewalls.com
_Val_
Admin
Admin

Not all services are having those signatures in the first place.