Block uploading to an FTP server using Application Firewall
03/26/2020 13 12887
DESCRIPTION: Block uploading to an FTP server using Application Firewall
Application firewall scans application layer network traffic as it passes through the gateway and looks for content that matches configured keywords. When it finds a match, it performs the configured action. It can match text or binary content. When you configure application firewall, you create policies that define the type of applications to scan, the direction, the content or keywords to match. You could also optionally define the user or domain to match, and the action to perform.
This article illustrates the method to block uploading to an FTP server either from behind the SonicWall or from the WAN side of the SonicWall to a server behind the SonicWall.
Application Firewall is license based. You can view the status of your license at the top of the Application Firewall > Policies page. You must enable Application Firewall to activate its functionality.
Defining an Application Object
Login to the SonicWall Mangement GUI
Navigate to the Application Firewall > Policies page.
Check the box under Enable Application Firewall.
Navigate to the Application Firewall > Application Objects page
Click on the Add New Object button
In the Edit Applicable Firewall Object window, enter information as per the screenshot.
Click on OK to save.
Creating an Application Firewall Policy
Navigate to the Application Firewall > Policies page. Click on Add New Policy. Create a new policy with the following information and click on OK to save.
How to Test:
To test this scenario connect to an FTP server and then try to upload a file to it. The uploading will fail and you should see alerts similar to the ones shown below in the log.