0 Replies Latest reply on Dec 27, 2013 9:24 AM by bornheim

    In which cycle do applications need to be blocked?




      I imported the rule set "Application Control" from the library. It has two sub rule sets:

      - Block Applications in Request Cycle

      - Block Applications in Response Cycle


      This makes me kind of curious: if I add applications to an application block list: do I have to run this check in the request or in the response cycle (or in both)? If there is a difference between some applications: how would I tell them apart?


      The system list "Application Name" is obviously a McAfee maintained one. The list "List of Applications to Search for in Response Cycle" from the imported rule set is customer maintained. How would I know if I need to add a new application to one or the other cycle?


      Ok, these questions let me think that for now I will check for the application in both cycles, just to be on the safe side. Would that be too costly?


      Where in the rule tree would I locate Application filtering?


      Kind regards,