For each rule defined, a precedence is assigned to resolve conflicting rules for applications and categories. A deny rule is exclusive, as no other action can be combined with a deny. An allow rule is redundant with other actions, since the default action is allow. An allow rule is useful when wanting to deny packets for a category, but wanting to allow a few applications in the same category to proceed. In such a cases, add an allow rule for applications with a higher precedence then a deny rule for that category.
Mark actions mark packets for a recognized application and category with DSCP/8021p values used for QoS. Ratelimits create a rate-limiter applied to packets recognized for an application and category. Ingress and egress rates need to be specified for the rate-limiter, but both are not required. Mark and rate-limit are the only two actions that can be combined for an application and category. All other combinations are invalid.
Note
The WiNG 7.1 release does not support DPI on the AP505i and AP510i model access points. This feature will be supported in future releases.To define an application policy configuration:
Name | Lists the 32 character maximum name assigned to each listed application policy, designated upon creation. |
Description | Displays the 80 character maximum description assigned to each listed application policy, as a means of further distinguishing policies with similar configurations. |
Enable Logging | Enables the log functionality, where each new flow is shown with the corresponding matched application, the action taken and the policy name. When enabled, logging just shows what applications are getting recognized. |
Logging Level | Select this option to log application events by severity. Severity levels include Emergency, Alert, Critical, Errors, Warning, Notification, Information and Debug. The default logging level is Notification. |
Precedence | Set the priority (from 1 - 256) for the application policy rule. The lower the value, the higher the priority assigned to this rule‘s enforcement action and the category and application assigned. A precedence also helps resolve conflicting rules for applications and categories. |
Action | Set the action executed on the selected application category and application. The default setting is Allow. |
Application | From the App-Category table, select the category for which the application rule applies. Selecting All auto-selects All within the Application table. Select All from the Application table to list all application category statistics, or specify a particular category name to display its statistics only. |
Select Reset to revert to the last saved configuration.