Showing results for 
Search instead for 
Did you mean: 
Level 7

In which cycle do applications need to be blocked?


I imported the rule set "Application Control" from the library. It has two sub rule sets:

- Block Applications in Request Cycle

- Block Applications in Response Cycle

This makes me kind of curious: if I add applications to an application block list: do I have to run this check in the request or in the response cycle (or in both)? If there is a difference between some applications: how would I tell them apart?

The system list "Application Name" is obviously a McAfee maintained one. The list "List of Applications to Search for in Response Cycle" from the imported rule set is customer maintained. How would I know if I need to add a new application to one or the other cycle?

Ok, these questions let me think that for now I will check for the application in both cycles, just to be on the safe side. Would that be too costly?

Where in the rule tree would I locate Application filtering?

Kind regards,


0 Kudos