0 Replies Latest reply on Dec 27, 2013 9:24 AM by bornheim

    In which cycle do applications need to be blocked?

    bornheim

      Hi,

       

      I imported the rule set "Application Control" from the library. It has two sub rule sets:

      - Block Applications in Request Cycle

      - Block Applications in Response Cycle

       

      This makes me kind of curious: if I add applications to an application block list: do I have to run this check in the request or in the response cycle (or in both)? If there is a difference between some applications: how would I tell them apart?

       

      The system list "Application Name" is obviously a McAfee maintained one. The list "List of Applications to Search for in Response Cycle" from the imported rule set is customer maintained. How would I know if I need to add a new application to one or the other cycle?

       

      Ok, these questions let me think that for now I will check for the application in both cycles, just to be on the safe side. Would that be too costly?

       

      Where in the rule tree would I locate Application filtering?

       

      Kind regards,

      Robert