You can optionally log the use of network applications without using network application detection for access control.
For more details about the product and how to configure features, click Help or
press F1.
Steps
-
Select
Configuration.
-
Browse to Policies, then browse to the policies of the type that you want to edit.
-
Right-click a policy, then select
Edit <policy type>.
-
On the
IPv4 Access or
IPv6 Access tab, add a rule in one of the following ways:
- Right-click the last row in an empty rules table, then select
Add Rule.
- Right-click the
ID cell of an existing rule, then select
Add Rule Before or
Add Rule After.
-
Drag and drop elements from the
Resources pane to the
Source and
Destination cells, or define source and destination criteria.
-
(Optional) Drag and drop a Network Application, Application Type, or Tag element to the
Service cell.
It is not necessary to add a Network Application element if you only want to log the use of network applications.
-
In the
Action cell, select
Continue.
-
Double-click the
Logging cell.
-
Select
Override Settings Inherited from Continue Rule(s).
-
In the Log Level drop-down list, select the log level for traffic that matches the rule.
-
Select Override Recording Settings Inherited from Continue Rule(s).
-
In the
Log Application Information drop-down list, select
Enforced.
Note:
If a TLS Credentials element or a Client Protection Certificate Authority element has been uploaded to the engine,
selecting Enforced might enable the decryption of the following TLS traffic:
- TLS traffic from network applications that cannot be identified based on cached network application information.
- TLS traffic that matches an Access rule that enables deep inspection if the Service cell
contains a Network Application or Service element that does not include a Protocol Agent.
- TLS traffic for which there is no TLS Match with the Deny Decrypting option that excludes the
traffic from TLS Inspection.
-
Click
OK.
-
Click
Save and Install.