Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Version History

« Previous Version 6 Next »

Creating Application Filters

NOTE: If you are creating an application filter to be used with local on-prem resolution, then you must add Allow - Local Resolution as the default action to your security policy. Application filters are available to subscribers of BloxOne Threat Defense Advanced. For more information on how to add an action to a security policy, see Adding Policy Rules and Setting Precedence. 

To create an application filter, complete the following:

  1. From the Cloud Services Portal, click Policies -> Security Policies.

  2. On the Security Policies page, click the Filters tab located above the top Action bar.

  3. On the Filters page, click Create Filter on the top Action bar.

  4. From among the options displayed (Create Category Filter or Create App Filter), click Create App Filter.

  5. On the Create Application Filter page, complete the following:

    • Name: Enter a name for the content application filter. Ensure that you use a unique name for each filter. This is a required field.

    • Description: Enter a brief description of the filter. You can enter up to 256 characters.

  6. From the applications list, APPLICATIONS, expand the AVAILABLE list by clicking on the respective arrow next to the application type. Within each application category, sub categories are listed. You can add an entire application category or select among the subcategories to include in your application filtering policy. Application category filter/subcategory filter types include:

Application Categories

Application Subcategories

Business App Suite

163 Cloud
Adobe Creative Cloud
Articulate 360
Autodesk
Azure Cloud Services
BrightSpot
Google Docs Editors
Microsoft 365
Microsoft Office
mParticle
Tableau Software
Yandex.Cloud

Email

163 Email
Google Gmail
Microsoft Exchange
Microsoft Outlook
YahooMail

Cloud Backup and Storage

1fichier Cloud
4shared
ADrive
Allway Sync
Blomp
Box
DepositFiles
Dropbox
Filestack
Google Drive
Google Photos
HiDrive
HP Cohesity
iCloud
Jottacloud
Koofr
MediaFire
Microsoft OneDrive
Microsoft Substrate
MiMedia
pCloud
Sharefile
Sync
Synology NAS
WEB.DE Online Storage
WeTransfer
Yandex Disk
Zippyshare

Communication

8x8
Google Chat
Google Voice
Microsoft Edge
Microsoft Teams
Mozilla Firefox
RingCentral
Slack
Webex

Content Delivery Network (CDN)

Akamai CDN
Vimeo

Other

AddThis
Google Maps
Medium
Narrative
OpenStreetMap

Platform as a Service (PaaS)

AWS IoT 1-Click
Amazon AppStream 2.0
IAM Access Analyzer
ACM
ACM Private CA
Kinesis Data Streams
Kinesis Video Streams
Alexa for Business
Amplify
Mechanical Turk
Organizations
API Gateway
AWS AppConfig
Application Discovery Service
Amazon AppFlow
CloudWatch Application Insights
App Mesh
App Runner
AWS AppSync
Resource Groups and Tagging
Auto Scaling
Application Auto Scaling
Secrets Manager
Athena
Audit Manager
AWS Auto Scaling
AWS BugBust
AWS Config
AWS Health
AWS Marketplace
AWS Support
AWS Batch
Billing and Cost Management
AWS Backup
Braket
CloudFormation
CloudFront
AWS Chatbot
Amazon Chime
AWS Cloud9
Cloud Control API
Cloud Directory
AWS CloudHSM
AWS Cloud Map
Amazon CloudSearch
CloudShell
CodeArtifact
CodeBuild
CodeCommit
CodeDeploy
CodeGuru Profiler
CodeGuru Reviewer
CodePipeline
AWS CodeStar
AWS CodeStar Notifications
Amazon Cognito Identity
Amazon Cognito Sync
Amazon Comprehend
Amazon Comprehend Medical
Compute Optimizer
Amazon Connect
Amazon Corretto 11
CloudTrail
CloudWatch Events
CloudWatch Logs
CloudWatch
CloudWatch Synthetics
DataBrew
AWS Data Exchange
AWS Data Pipeline
DataSync
AWS Direct Connect
DynamoDB
AWS DeepLens
AWS DeepRacer
Detective
Device Farm
DevOps Guru
Amazon Data Lifecycle Manager
AWS DMS
Elastic Disaster Recovery
AWS Directory Service
Amazon EBS
EC2 Instance Connect
Amazon EC2
Amazon ECR
Amazon ECR Public
Amazon ECS
Amazon EKS
ElastiCache
Elastic Beanstalk
Amazon EFS
Elastic Inference
Elastic Transcoder
Elastic Load Balancing
Amazon EMR
EventBridge
EventBridge Schemas
Kinesis Data Firehose
Firewall Manager
AWS FIS
Forecast
Amazon Fraud Detector
Amazon FSx
GameLift
S3 Glacier
Global Accelerator
AWS Glue
Amazon Managed Grafana
AWS IoT Greengrass V1
AWS IoT Greengrass V2
AWS Ground Station
GuardDuty
HealthLake
IAM
AWS Import/Export
EC2 Image Builder
Incident Manager
Amazon Inspector
AWS IoT Analytics
AWS IoT Core
AWS IoT Device Management
AWS IoT Events
AWS IoT RoboRunner
AWS IoT SiteWise
AWS IoT Things Graph
AWS IoT TwinMaker
Amazon IVS
Kinesis Data Analytics
Amazon Kendra
Amazon Keyspaces
AWS KMS
Lake Formation
Lambda
AWS Launch Wizard
Amazon Lex
License Manager
Lightsail
Lookout for Equipment
Lookout for Metrics
Lookout for Vision
AWS Mainframe Migration
Amazon ML
Macie
Managed Blockchain
MediaConnect
MediaConvert
MediaLive
MediaPackage
MediaStore
MediaTailor
Amazon MemoryDB for Redis
AWS Management Console
Application Migration Service
Migration Hub
AWS Migration Hub Refactor Spaces
Migration Hub Strategy Recommendations
Amazon MQ
Amazon MSK
Amazon MSK Connect
Amazon MWAA
Network Firewall
Network Manager
Nimble Studio
OpenSearch Service
AWS OpsWorks
AWS Outposts
Amazon Personalize
Amazon Pinpoint
Amazon Polly
Amazon Managed Service for Prometheus
AWS Proton
QLDB
Amazon QuickSight
Route 53
AWS RAM
Amazon RDS
Amazon Redshift
Amazon Rekognition
Resilience Hub
AWS RoboMaker
Amazon S3
SageMaker
Amazon SimpleDB
Security Hub
AWS Serverless Application Repository
AWS SMS
AWS Service Catalog
Service Quotas
Amazon SES
Storage Gateway
Shield Advanced
AWS Signer
AWS Sign-In
Snow Family
Amazon SNS
Amazon SQS
AWS Systems Manager
AWS SSO
Step Functions
AWS STS
Amazon SWF
Amazon Textract
Timestream
Amazon Transcribe
Transfer Family
Amazon Translate
Amazon VPC
AWS WAF Classic
AWS WAF
AWS Well-Architected Tool
Amazon WorkDocs
Amazon WorkLink
Amazon WorkMail
WorkSpaces
X-Ray
Boomi
Degoo
Google Play
Google Tag Manager
Software Development
Business App
Attendant Pro
AutoHotKey
Egnyte
Foxit Software
Granicus IQM2
KLCP
Microsoft
Microsoft Sharepoint
Microsoft Wallet app
mPulse
nextcloud
Okta
Oracle Advanced Support Gateway
RISA
Skype for Business
Smart Adserver Dashboard
Splunk
Taboola Backstage
Trello
Vorex
XMind
Security
BitDefender
CCleaner
Datadog
Devolutions Server
Digicert
Duo
Google Safe Browsing
ibossConnect
Kaseya VSA
KeePass
Microsoft Certificates
Mimecast
OPSWAT Mobile App
Qualys Time Server
Symantec Messaging Gateway

Software Development

Apache Software Foundation
Archi
Launch Darkly
Oracle Linux
Comprehensive R Archive Network (CRAN)
RStudio
Visual Studio Code

Business App

Attendant Pro
AutoHotKey
Egnyte
Foxit Software
Granicus IQM2
KLCP
Microsoft
Microsoft Sharepoint
Microsoft Wallet app
mPulse
nextcloud
Okta
Oracle Advanced Support Gateway
RISA
Skype for Business
Smart Adserver Dashboard
Splunk
Taboola Backstage
Trello
Vorex
XMind

Security

BitDefender
CCleaner
Datadog
Devolutions Server
Digicert
Duo
Google Safe Browsing
ibossConnect
Kaseya VSA
KeePass
Microsoft Certificates
Mimecast
OPSWAT Mobile App
Qualys Time Server
Symantec Messaging Gateway

Video Conferencing

Blue Jeans
Solstice

Information Technology

Bright Sign
Cisco Meraki
Dell
DisplayLink
HP Updates
Microsoft Diagnostic Data
Microsoft Settings
mRemoteNG
ThousandEyes
Ubuntu
VMware
Windows Spotlight
Windows Update

Consumer Services

Amazon Shopping
Bubble Witch
Candy Crush
CDBurnerXP
eBay
Feedly
Freedom Scientific
GIMP
iTunes
Microsoft OneNote
Netflix
Opera Software
PayPal
Plex
Poly
RealNetworks
Screenpresso
speedify
Speedpass
TinyURL
Vitalsource Bookshelf
Weather app
Windows Maps
Xbox Live

Remote Connectivity

code4ward
Splashtop
TeamViewer

Endpoint Protection

ePO
ESET Protect
Falcon
Kaspersky Endpoint Security
Malwarebytes
Microsoft Defender Antivirus

VPNs & Proxies

express_vpn
Hidester
HMA VPN
hotspot_shield
mullvad_vpn
proton_vpn
ProxyScrape
pure_vpn
safervpn
VPNFacile
vpn_unlimited
Your Freedom
Zscaler

Social Networking

Facebook
Instagram
Linkedin
Monster
OpenWeb
Pinterest
Spotify
Tencent Cloud
Tencent QQ
TikTok
Twitter
Whatsapp
Yahoo Messenger
Youtube

Search Engines

Bing
Google Cloud Search
Google Search
Yahoo Search
Yandex Search

Vulnerability Scanner

Nessus
Qualys Vulnerability Scan

        

7. From the From the AVAILABLE list select the checkboxes of the specific sub-applications you want to
include in the rule, and then use the arrows to move the selected subcategories from the
AVAILABLE list to the SELECTED list. You can include as many applications and sub-applications as
you want based on your needs.
8. To remove a sub-application from the SELECTED list, click the X located to the right of the sub-
application's name.
9. Click Save & Close to save or Cancel to cancel the configuration. BloxOne Threat Defense Cloud adds
the application filter to the list. You can now add the application filter to a security policy or to multiple
policies. For more information, see Configuring Security Policies.

NOTE: You cannot remove an existing application filter if it has been added and assigned an action in any security policies.

  • No labels