Fortinet Document Library

Version:

Version:


Table of Contents

Administration Guide

Download PDF
Copy Link

Matching multiple parameters on application control signatures

Application control signatures that support parameters (such as SCADA protocols) can have multiple parameters grouped together and matched at the same time. To match a member, traffic must match all of the parameters. To match a signature, at least one member must be matched.

To configure an application sensor with multiple parameters in the GUI:
  1. Go to Security Profiles > Application Control.
  2. Click Create New to create a new application sensor, or edit an existing sensor.
  3. In the Application and Filter Overrides table, click Create New.
  4. Add an application signature that has parameters, such as Facebook.App_Name.

  5. Click Create New to add parameters. Multiple parameters can be added to a member.

  6. Click OK.
  7. Add more members as needed.

  8. Click OK.
To configure an application sensor with multiple parameters in the CLI:
config application list
    edit "g-test"
        set other-application-log enable
        config entries
            edit 1
                set application 23813
                config parameters
                    edit 1
                        config members
                            edit 1
                                set name "application"
                                set value "22"
                            next
                            ...
                            edit 6
                                set name "application"
                                set value "Albatross"
                            next
                        end
                    next
                    edit 2
                        config members
                            edit 1
                                set name "application"
                                set value "test"
                            next
                            ...
                        end
                    next
                    edit 3
                        config members
                            edit 1
                                set name "application"
                                set value "Winner"
                            next
                        end
                    next
                    edit 4
                        config members
                            edit 1
                                set name "application"
                                set value "next"
                            next
                            edit 2
                                set name "application"
                                set value "pass"
                            next
                        end
                    next
                end
            next
            edit 2
                set category 2 6
            next
        end
    next
end

Matching multiple parameters on application control signatures

Application control signatures that support parameters (such as SCADA protocols) can have multiple parameters grouped together and matched at the same time. To match a member, traffic must match all of the parameters. To match a signature, at least one member must be matched.

To configure an application sensor with multiple parameters in the GUI:
  1. Go to Security Profiles > Application Control.
  2. Click Create New to create a new application sensor, or edit an existing sensor.
  3. In the Application and Filter Overrides table, click Create New.
  4. Add an application signature that has parameters, such as Facebook.App_Name.

  5. Click Create New to add parameters. Multiple parameters can be added to a member.

  6. Click OK.
  7. Add more members as needed.

  8. Click OK.
To configure an application sensor with multiple parameters in the CLI:
config application list
    edit "g-test"
        set other-application-log enable
        config entries
            edit 1
                set application 23813
                config parameters
                    edit 1
                        config members
                            edit 1
                                set name "application"
                                set value "22"
                            next
                            ...
                            edit 6
                                set name "application"
                                set value "Albatross"
                            next
                        end
                    next
                    edit 2
                        config members
                            edit 1
                                set name "application"
                                set value "test"
                            next
                            ...
                        end
                    next
                    edit 3
                        config members
                            edit 1
                                set name "application"
                                set value "Winner"
                            next
                        end
                    next
                    edit 4
                        config members
                            edit 1
                                set name "application"
                                set value "next"
                            next
                            edit 2
                                set name "application"
                                set value "pass"
                            next
                        end
                    next
                end
            next
            edit 2
                set category 2 6
            next
        end
    next
end