Print this pagePrint this page

Email this topicEmail this topic

View PDFView PDF

Download EPUBDownload EPUB

Configure L7 Application Rules

Create application rules when you need application-level (Layer 7) enforcement, for example, to limit or block access to non-business related traffic.

You can create any number of application rules in one role.

Note

Note

ExtremeWireless WiNG APs always apply L2 rules before trying any other rules.

To configure application rules:

  1. Select Configure > Roles from the menu.
  2. Select Add to add a new role. Alternatively, select an existing role to open the Configuration page.
  3. Expand the L7 Rules section. To create a new rule, select New. Edit the fields in the new row that appears. Alternatively, select an existing row to edit.
    Note

    Note

    The rules are applied from top to bottom.
    Click to expand in new window
    Edit and Set Order for Layer 7 Rules
    GUID-FCF1B38D-28DB-4416-A097-C8B967052035-low.png
    Name Specify a name for the rule.
    Action Specify the action that the rule will take (Allow, Deny, Contain to VLAN or Redirect). A redirect rule requires a URL to redirect to.
    CoS Specify a class of service (None, No CoS, Scavenger, Best Effort, Bulk Data, Critical Data, Network Control, Network Management, High Priority).
    Search Lets you search on an application group name or on an individual application name.
    Group Specify the application group to which the application belongs. The groups are pre-defined and cannot be customized.
    Application Name Enter a unique name for the custom application.
  4. To further edit the rule details, select GUID-19C6669C-6510-4661-B54F-B5EA333B6046-low.png. Edit the fields.
    Click to expand in new window
    Application Rules Configuration
    GUID-4899ECC7-E178-42CE-899E-437797301C09-low.png
    Search Lets you search on an application group name or on an individual application name.
    Group Specify the application group to which the application belongs. The groups are pre-defined and cannot be customized.
    Application Specify the application name from the drop-down list. You can create a new rule anywhere in a policy, and create any number of application rules in a policy. For example, you can create a Web Application policy to limit the rule to web applications only.
    Note

    Note

    The GUID-8165B5C2-DE95-4E21-885A-564BBC1A5461-low.png button lets you create an extended (global) application from the selected application.
  5. Set the access control from the drop-down list and Class of Service. Select GUID-A0473562-B7CA-4A8B-A250-A6B65935AC73-low.png to add a Class of Service.
  6. Select Close > Save.
    All rule types are applied to the policy in top-to-bottom order. The policy is installed on the enforced APs.
If needed, you can create a policy to whitelist one or more applications. For more information about application rules, see Application Policies and Application Rules.
Published September 2019prev | next

Email this topicEmail this topic

Print this pagePrint this page