Creates a deny rule and configures the match criteria based on which packets are filtered and the deny access action applied
Note
Purview DPI engine is not supported on the WiNG 7.1.2 enabled NX5500, NX7500, NX9500, NX9600 and VX9000 platforms. This support will be introduced in future releases..deny [app-category [<PURVIEW-APP-CATEGORY-NAME>|all]|application <PURVIEW-APP-NAME>] schedule <SCHEDULE-POLICY-NAME> (precedence <1-256>)
deny [app-category [<PURVIEW-APP-CATEGORY-NAME>|all]|application <PURVIEW-APP-NAME>] schedule <SCHEDULE-POLICY-NAME> (precedence <1-256>)
|
The following example shows how to view all built-in, system provided Purview™ app-categories:
nx9500-6C8809(config-purview-app-policy-PurAppPolicy)#allow app-category[TAB] ads all biz certs cloud cloudcpu corp custom db education finance games health location mail news other p2p proto realtimecomms restrictcontent search shopping social sports storage streaming travel unknown updates vpn webapp webcontent webfile webmeet nx9500-6C8809(config-purview-app-policy-PurAppPolicy)#
The following example shows a deny rule with precedence 2.
nx9500-6C8809(config-purview-app-policy-PurAppPolicy)#deny app-category streaming precedence 2
The following example displays an application policy denying app-category 'social'. The policy is enforceable on weekdays from 9:30 AM to 10 PM.
nx9500-6C8809(config-purview-app-policy-DenyS-N)#show context purview-application-policy DenyS-N description "This application policy denies Social Networking sites on weedays." enforcement-time days weekdays start-time 09:30 end-time 22:00 deny app-category social precedence 1 nx9500-6C8809(config-purview-app-policy-DenyS-N)#
|