03/26/2020 11 People found this article helpful 455,920 Views
Reassembly-Free Regular Expressions for DPI Engine
Starting with SonicOS 5.9, SonicWall has added reassembly-free regular expression functionality to the SonicWall Reassembly-Free Deep Packet Inspection (RF-DPI) engine. This proprietary implementation of regular expression matching does not require any buffering of the input content and works across packet boundaries. Users can now apply regular expressions to match objects in App Rules and use them across all currently supported application protocols and policy types. SonicWall supports perl-compatible regular expressions syntax. A few typical regular expression features are not supported: In this release SonicWall does not support back-references and does not provide substitution or translation functionality since regular expressions are used only for inspection of network traffic—not for modifying any part of the traffic.
The following predefined regular expressions are available in match objects:
This article describes how to configure these predefined regular expressions to block transmission of Credit Card and Social Security numbers over SMTP and POP3.
Block outbound mail (SMTP) containing credit card numbers, social security numbers and ABA routing numbers.
Note: Match object type File Content can only be used in App Rule policies with App Rule Policy Type of SMTP Client, FTP Data Transfer
Navigate to the Manage | Rules | App Rules page.
Click on Add New Policy and create the following App Rule policy:
Block inbound mail (POP3) containing credit card numbers, social security numbers and ABA routing numbers.
Navigate to te Manage |Rules | App Rules page.
Click on Add New Policy and create the following App Rule policy: