What is Application Control in the FortiGate firewall? How can it help block or allow specific applications through the firewall?
What Is Application Control in FortiGate Firewall?
Application Control is the feature that helps you to block, allow or restrict network traffic based on specific applications or application groups. This feature is available in the FortiGate firewall and FortiWiFi router. It allows an organization to control which applications are allowed or denied to be used on the network.
If an organization wants to block all video streaming traffic, it can configure Application Control to do so. With Application Control, it can configure which applications are allowed, which are blocked, and which are allowed only under certain conditions, such as allowing only a specific version of a web browser to access the Internet.
If an organization wants to block all online gaming and allow only online applications such as email, online banking and shopping sites, it can use Application Control. Any other applications that you want to allow or deny for users can be handled with this feature as well.
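The scenario above written as FortiOS CLI, as an added example that is not taken from the original page: one application sensor blocks the Video/Audio and Game categories and passes Email, and a firewall policy applies it. The sensor name, policy name and interface names (port1, wan1) are assumptions, and the category IDs should be confirmed with "set category ?" on your firmware.

```fortios
# Added example, not from the original page. All names are assumptions.
config application list
    edit "office-app-control"
        set comment "Block streaming and games, pass email"
        config entries
            edit 1
                # 5 = Video/Audio, 8 = Game (confirm with: set category ?)
                set category 5 8
                set action block
            next
            edit 2
                # 21 = Email
                set category 21
                set action pass
            next
        end
    next
end

# The sensor has no effect until a firewall policy references it.
config firewall policy
    # edit 0 creates a new policy with the next free ID
    edit 0
        set name "lan-to-internet-appctrl"
        set srcintf "port1"
        set dstintf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat enable
        set utm-status enable
        # Application signatures need at least certificate inspection on TLS traffic
        set ssl-ssl-profile "certificate-inspection"
        set application-list "office-app-control"
        # Log sessions so blocked applications can be reviewed
        set logtraffic all
    next
end
```

Entries are matched in order, so a more specific pass entry must sit above a broader block entry that would otherwise match the same application.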
What Are Ways to Apply It?
There are two ways to apply application control:
1. Add specific applications to the blacklist or whitelist.
2. Create a custom application group and add the applications to this group.
There are two ways to do this:
1. Create a hard rule that allows or blocks all traffic from a specific application group.
2. Create a soft rule that allows selected applications in an application group to access the network while blocking all other applications in the same group.
If you use Application Control, you can also create an application group that includes all the applications that you want to block or allow. You can also configure Application Control for each user, in addition to the default settings. Applications that are not configured for a specific user are controlled by the default settings.
Configure Application Blocking
You can also configure application blocking from different categories:
1. Blocked Applications – All applications that are not included in the whitelist or blacklist will be blocked here.
2. Controlled Applications – All applications that are not included in the blacklist or whitelist will be controlled here. Also, the list may include a specific version of an application.
3. Allowed Applications – All applications that are not included in the blacklist or whitelist will be allowed here.
You can also specify when you want to block or allow network traffic based on these categories:
1. Always – All traffic is blocked while this option is selected. The firewall still forwards traffic if it is required by a network connection and there is no other rule with a higher priority than this rule.
2. Never – All traffic is allowed while this option is selected. The firewall still blocks traffic if there is another rule with a higher priority than this rule.
3. Bypass – Traffic is allowed through this rule regardless of the other rules on the firewall. Use bypass rules for troubleshooting purposes only. The firewall still forwards traffic if it is required by a network connection and there is no other rule with a higher priority than this rule.