SonicOS 7 Rules and Policies

Licensing App Rules and App Control

The Application Visualization and Control license has two components:

  • The Visualization component provides identification and reporting of application traffic in the Appliance Health pages.
  • The Control component allows you to create and enforce App Rules and App Control policies for logging, blocking, and bandwidth management of application traffic handled by your network.

Application Visualization and Control can also be licensed together in a bundle with other security services including SonicWall Gateway Anti-Virus (GAV), Anti-Spyware, and Intrusion Prevention Service (IPS).

Upon registration on MySonicWall, or when you load SonicOS onto a registered SonicWall device, supported SonicWall appliances begin an automatic 30-day trial license for Application Visualization and Control, and application signatures are downloaded to the appliance.

A free 30-day trial is also available for the other security services in the bundle, but it is not automatically enabled as it is for Application Visualization and Control. You can start the additional free trials on the individual Security Services pages in SonicOS, or on MySonicWall.

After Real-Time data collection is manually enabled on the DEVICE | AppFlow > Flow Reporting page (see the Managing Flow Reporting Statistics section in the SonicOS Logs and Reporting technical documentation), you can view real-time application traffic on the Live Monitor page and see application activity in other MONITOR pages for the identified/classified flows from the firewall application signature database.

To begin using application control, you must enable it in the App Control Global Settings view of the POLICY | Rules and Policies > App Control page:

To begin using policies created with App Rules and App Control, select Enable App Control on the POLICY | Rules and Policies > App Control | App Control Global Settings page.

When the Enable App Control checkbox is selected from the POLICY | Rules and Policies > App Control | App Control Global Settings page, the dpi=1 Syslog tag is seen in Connection Closed Syslog messages for all traffic that passed through Deep Packet Inspection. Traffic that did not pass through DPI shows dpi=0 in the Connection Closed Syslog messages. For more information about the Index of Syslog Tags Field Descriptions or Syslog examples showing the SPI tag, see the SonicOS Log Events Administration Guide.

The SonicWall Licensing server provides the App Visualization and Control license key to the firewall when you begin a 30-day trial (upon registration) or purchase a Security Services license bundle.

Licensing is available on www.mysonicwall.com on the Service Management page under GATEWAY SERVICES.

The Security Services license bundle includes licenses for the following subscription services:

  • App Visualization
  • App Control
  • Gateway Anti-Virus
  • Gateway Anti-Spyware
  • Intrusion Prevention Service

Application signature updates and signature updates for other Security Services are periodically downloaded to the firewall as long as these services are licensed.

If you disable App Control in the SonicOS management interface, application signature updates are discontinued until the feature is enabled again.

When High Availability is configured between two firewalls, the firewalls can share the Security Services license. To use this feature, you must register the firewalls on MySonicWall as Associated Products. Both appliances must be the same SonicWall network security appliance model.

For a High Availability pair, even if you first register your appliances on MySonicWall, you must individually register both the Primary and the Secondary appliances from the SonicOS management interface while logged into the individual management IP address of each appliance. This allows the Secondary unit to synchronize with the firewall license server and share licenses with the associated Primary appliance. When Internet access is restricted, you can manually apply the shared licenses to both appliances.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.