The following table summarizes Application policy configuration mode commands:
| Command | Description |
|---|---|
| allow (application-policy-config-mode) | Creates an allow rule and configures the match criteria based on which packets are filtered and the allow access action appliedc |
| deny (application-policy-config-mode) | Creates a deny rule and configures the match criteria based on which packets are filtered and the deny access action applied |
| description (application-policy-config-mode) | Configures a brief description for this application policy that enables you to differentiate it from other application policies |
| enforcement-time (application-policy-config-mode) | Configures an enforcement time period in days and hours for this application policy. The policy is enforced only during the specified time period. |
| logging (application-policy-config-mode) | Enables logging of application recognition hits made by the DPI engine. It also sets the logging level. |
| mark (application-policy-config-mode) | Creates a mark rule and configures the match criteria based on which packets are filtered and marked with 802.1p priority value or DSCP code |
| rate-limit (application-policy-config-mode) | Creates a rate-limit rule and configures the match criteria based on which incoming and outgoing packets are filtered and the configured rate limits applied |
| no (application-policy-config-mode) | Removes or resets this application policy settings |