Log network application use
You can optionally log the use of network applications without using network application detection for access control.
For more details about the product and how to configure features, click Help or press F1.
Steps
- Select Configuration.
- Browse to Policies, then browse to the policies of the type that you want to edit.
- Right-click a policy, then select Edit <policy type>.
- On the IPv4 Access or IPv6 Access tab, add a rule in one of the following ways:
  - Right-click the last row in an empty rules table, then select Add Rule.
  - Right-click the ID cell of an existing rule, then select Add Rule Before or Add Rule After.
- Drag and drop elements from the Resources pane to the Source and Destination cells, or define source and destination criteria.
- (Optional) Drag and drop a Network Application, Application Type, or Tag element to the Service cell.
  It is not necessary to add a Network Application element if you only want to log the use of network applications.
- In the Action cell, select Continue.
- Double-click the Logging cell.
- Select Override Settings Inherited from Continue Rule(s).
- In the Log Level drop-down list, select the log level for traffic that matches the rule.
- Select Override Recording Settings Inherited from Continue Rule(s).
- In the Log Application Information drop-down list, select Enforced.
  Note: If a TLS Credentials element or a Client Protection Certificate Authority element has been uploaded to the engine, selecting Enforced might enable the decryption of the following TLS traffic:
  - TLS traffic from network applications that cannot be identified based on cached network application information.
  - TLS traffic that matches an Access rule that enables deep inspection if the Service cell contains a Network Application or Service element that does not include a Protocol Agent.
  - TLS traffic for which there is no TLS Match with the Deny Decrypting option that excludes the traffic from TLS Inspection.
- Click OK.
- Click Save and Install.