topic Re: FTD Application block in Network Security

FTD Application block

gaboughanem — Fri, 21 Feb 2020 17:16:43 GMT

Hello,

I have a FTD version 6.2.3.13 and an ACP containing 1000's of rules and hundred of zones.

I want to block an application such as facebook for the entire environment.

If I create a rule at the top of the ACP policy and set the zone and network as "any" with application "facebook " and action as "block". This would cause all the other 1000s rule below that rule to be useless, where ALL the traffic other than facebook will be matching this rule and this traffic would be allowed.

The question is how to block application X globally (for any network src and dst) in an ACP with causing the above behavior?

Regards,

George

Re: FTD Application block

gaboughanem — Thu, 04 Jul 2019 13:33:17 GMT

Correction:

The question is how to block application X globally (for any network src and dst) in an ACP ""without"" causing the above behavior?

Re: FTD Application block

Marvin Rhoads — Thu, 04 Jul 2019 14:33:04 GMT

If the application is not equal to "facebook", then the new top rule will not match and the subsequent rules will be evaluated.