Clavister Application Control provides an effective way to block or control unauthorized or misbehaving applications. This centrally managed service-based solution recognizes over 1,000 applications and network protocols, and more importantly, over 5,000 meta data tags associated with applications and network protocols.
Clavister Application Control is available on wide range of Clavister products. Visit the list of supported products to see which products support Clavister Application Control.
Managing application control policies
Applying Clavister Application Control policies are as easy to define as regular Level 3 policies. To further enhance the usability of Clavister Application Control, it is possible to define Allow/Deny rules for specific users.
One of the strong points of Clavister Application Control is the ability to monitor application usage in your network. Some applications can disturb the network traffic by using too much resource or they can attract malicious traffic patterns or viruses.
Network interrogation scenario
As an example, an administrator notices that there is an increase in traffic going back and forth between the Internet and the internal network. Before taking any steps to curb this, the administrator enables Clavister Application Control. Studying the log files reveals that the offending application is a BitTorrent application originating from an IP address on the internal network. This information enables the administrator to act accordingly, either by blocking or applying traffic management to BitTorrent, but limit it to only 2 Mbps.
For applications that have a tendency to starve network traffic resources, you can apply traffic management to these applications. This gives you the ability to allocate the right amount of resources without having network congestion caused by applications.
Extending classification on layer 7 scenario
Another example could be if an administrator needs to verify that only MySQL traffic is using a Layer 3 rule and that no other applications are using the same ports. This can be achieved by activating Clavister Application Control on the Layer 3 rule and add MySQL as an allowed application. If any disallowed applications try to use the same ports, they are blocked.
Application rule sets
It is also possible to configure filters on application rule sets, support for lists of users and user groups, block and allow applications, and to apply traffic management functionality on applications. This enables you to make extremely efficient application rules, for example:
apply 'facebook' allow ‘facebook’ for group ‘marketing’
This rule enables the Facebook application but only for members of the group “Marketing”. All other users are denied, but any web site is allowed.
Logging and reporting
One of the key components in Clavister Application Control is the Clavister InControl Logging Agent (ILA) which is used for collecting application statistics. The statistics can then be processed, analyzed and presented in Clavister InControl using a wide range of display options, including online analytical processing (OLAP) functionality.
Clavister InControl enables you to view not only collected application control information, but all collected information, including IDP, AV and WCF information. This gives you a correlated view of collected information, which can be analyzed and distributed in various formats.
Using the associated meta data it is possible to refine policies for greater accuracy. For example, for generic HTTP traffic you can specify URL, user agent, web server, cookies and more than 60 additional meta data tags. Another example could be Yahoo Mail, where it is possible to specify receiver, subject, message and more than 50 additional meta data tags.
Note: Clavister cOS Stream does not support the current version of Clavister InControl.
We have made Clavister Application Control as easy and straight forward to configure as everything else in Clavister InControl. There is a tight integration between configuring Intrusion Detection and Prevention (IDP), Anti-Virus (AV) and Web-Content Filtering (WCF) and configuring Clavister Application Control.
For more information, download the Clavister Application Control Release Highlights brochure.