Application Control Software Blade

Enables application security policies to identify, allow, block or limit usage (based on bandwidth and/or time) of thousands of applications, including Web 2.0 and social networking, regardless of port, protocol or evasive technique used to traverse the network. Combined with identity awareness capabilities, IT administrators can create very granular policy definitions. User and group application usage is controlled according to user or group needs and applications’ characteristics in terms of security, productivity and resource utilization.

Easily define application-based policies per user or group directly from the firewall.

Applications are classified into more than 150 categories, based on diverse criteria such as applications’ type, security risk level, resource usage, productivity implications and others. To support the dynamic nature of Internet applications, AppWiki is continuously updated. 

AppWiki: Industry's largest application classification library 

Scan and secure SSL encrypted traffic passing through the gateway.  When traffic is passed through, the gateway decrypts the traffic with the sender’s public key, inspects and protects, then re-encrypts, sending the newly encrypted content to the receiver.

For example, traffic to Facebook may be over HTTP (clear) or HTTPS (encrypted).  If the policy blocks usage of Facebook games, it doesn’t matter whether the traffic is encrypted or not – it will be subject to the same policy and blocked.

Granularly define exceptions for SSL inspection to protect user privacy and comply with corporate policy.  Some encrypted content passing through the gateway should not be instpected and therefore can be bypassed with a simple administrator policy definition. 

UserCheck technology alerts employees in real-time about their application access limitations, while educating them on Internet risk and corporate usage policies. In addition to defining policies that allow or block specific applications, businesses can choose to query the user by prompting the employee to select whether an application is being used for business or personal use. This enables IT administrators to gain a better understanding of Web 2.0 usage patterns, adapt policies and regulate personal usage without interrupting the flow of business.

Integration with the Identity Awareness Software Blade enables users of the Application Control Software Blade to define granular policies to control applications usage by specific users, groups of users and the machine they are using, to best balance between the organization’s security needs and its business needs.

The Application Control software blade used in conjunction with the SmartEvent software blade provides a complete view into users' online behavior and applications usage. SmartEvent provides a granular level of visilibity into application activities leading to a clear understanding of network usage. 

Intuitive and insightful reporting helps detect potentially malicious incidents and prvent them from happening. With such enhanced features as detailed reporting, browse time details, trends, maps and statistics, it provides a full insight into web activities.