What is Application Firewall?
Application firewall is a set of
application-specific policies that gives you granular control over
network
traffic on the level of users, email users, schedules, and
IP-subnets. The primary functionality of this
application-layer access
control feature is to regulate Web browsing, file transfer, email, and
email
attachments.
Application firewall’s digital rights management
component provides the ability to scan files and documents
for content and
keywords. Using application firewall, you can restrict transfer of certain file
names, file types,
email attachments, attachment types, email with certain
subjects, and email or attachments with certain
keywords or byte patterns.
You can deny internal or external network access based on various
criteria.
prevention functionality which allows you to
create custom, policy-based actions. Examples of custom
actions include the
following:
• Disabling an attachment
• Sending a custom block page
•
Sending a custom email reply
• Redirecting an HTTP request
• Sending a
custom FTP reply over an FTP control channel
• Bandwidth throttling for file
types when using the HTTP or FTP protocols
While application firewall primarily provides
application level access control, application layer bandwidth
management and
digital rights management functionality, it also includes the ability to create
pure custom
IPS signatures. You can create a custom policy that matches any
protocol you wish, by matching a unique
piece of the protocol header.
Application firewall provides excellent functionality for preventing the
accidental transfer of proprietary
documents. For example, when using the
automatic address completion feature of Outlook Exchange, it is
a common
occurrence for a popular name to complete to the wrong address.
Application firewall functionality can be compared to
three main categories of products:
• Standalone proxy appliances
•
Application proxies integrated into firewall VPN appliances
• Standalone IPS
appliances with custom signature support
Standalone proxy appliances are typically designed
to provide granular access control for a specific protocol.
SonicWALL
application firewall provides granular, application level access control across
multiple
protocols, including HTTP, FTP, SMTP, and POP3.Because application
firewall runs on your SonicWALL
firewall, you can use it to control both
inbound and outbound traffic, unlike a dedicated proxy appliance
that is
typically deployed in only one direction. Application firewall provides better
performance and
scalability than a dedicated proxy appliance because it is
based on SonicWALL’s proprietary Deep Packet
Inspection
technology.
Today’s integrated application proxies do not provide granular,
application level access control, application
layer bandwidth management, and
digital rights management functionality. As with dedicated proxy
appliances,
SonicWALL application firewall provides much higher performance and far greater
scalability
than integrated application proxy solutions.
While some standalone IPS appliances provide protocol
decoding support, none of these products supports
granular, application level
access control, application layer bandwidth management, and digital
rights
management functionality.
In comparing application firewall to
SonicWALL Email Security, there are benefits to using either. Email
Security
only works with SMTP, but it has a very rich policy space. Application firewall
works with SMTP,
POP3, HTTP, FTP and other protocols, is integrated into
SonicOS on the firewall, and has higher
performance than Email Security.
However, application firewall does not offer all the policy options for
SMTP
that are provided by Email Security.
