Applications

Application signature describe the characteristic features of certain network applications. They are used in the firewall to analyze traffic at OSI Layer 7 for the purposes of intrusion detection and prevention. Application signatures are created by UserGate developers and added to the system automatically when the correspondent license is present. You can create custom signatures and add them to the application library.

To create a custom application signature, go to Libraries ➜ Application signatures and click Add. After that, specify the signature properties and describe its characteristic features using the UASL syntax. Fill in the following fields:

Name

Description

Type

Signature type:

  • app: application

  • proto: protocol

  • support: supplementary signature

Id

Signature group ID.

Name

The name of the signature.

Description

Signature description.

Threat level

Threat level defined by the signature. The following values are defined:

  • 1: very low

  • 2: low

  • 3: medium

  • 4: high

  • 5: very high

Technology

Application technology:

  • browser-based: browser-based web application

  • client-server: client-server application

  • network-protocol: network protocol

  • peer-to-peer: peer-to-peer application

Category

A signature category is a group of signatures that have common parameters. The list of categories can be extended.

  • Media streaming

  • Email

  • Coin Miners

  • Tunneling

  • Games

  • Remote access

  • Conferencing

  • Trojan Horses

  • Business

  • Mobile

  • Proxies and anonymizers

  • Standard networks

  • VOIP

  • Web posting

  • Software update

  • File storage and backup

  • Web browsing

  • File sharing P2P

  • Instant messaging

  • Social networking

UASL

Description of the signature's features using the UASL syntax.