Use application objects to reference applications when creating application-aware access rules. The Applications view lets you create predefined application lists to be employed in rulesets. When creating a new application object, you can also include (reference to) other application objects that are already configured.
Default Application Objects
The following application objects, required in Microsoft Windows domains, are available by default in the Barracuda Personal Firewall:
Application | Connection | Description |
---|---|---|
System | Out / In | Services needed by the OS kernel. |
TCP/IP Ping Command | Out / In | - |
lsass.exe | Out | Local Security Authority Service. Process responsible for management of local security authority domain authentication and Active Directory management. |
services.exe | Out | Upon startup, services.exe enumerates through all registry sub-keys located in the HKEY_LOCAL_MACHINE\Services registry key. |
spoolsv.exe | Out | The Windows Printer Spooler stores printer jobs and forwards them to the printer when it is ready. |
userinit.exe | Out | By default, WinLogon executes this application that triggers logon scripts, re-establishes network connections, etc. |
winlogon.exe | Out | This application manages security-related user interactions in Windows NT. It handles requests to log on or off, to change passwords, etc. |
svchost.exe | Out | This is a generic host process name for services run from dynamic-link libraries (DLLs). There can be multiple instances of svchost.exe running at the same time. |
Create a New Application Object
- Select New in the bottom bar or from the context menu in the Applications window.
- Specify a Name for the application object.
- Optionally, insert a Description.
- Click New to specify an application. The Application Entry Parameters window opens.
- Click Browse and select the file you want to create the object for. The path to the file and its inherent file description will be displayed in the Path and Description fields below.
Click Generate to create an MD5 hash in order to clearly identify the selected file as soon as it is executed. MD5 hash creation is recommended in order to avoid file corruption and a vulnerable PC after an attack. Note that in case an application equipped with an MD5 hash is used on multiple clients, file versions must match exactly. The application object will otherwise not be applicable.
Click OK to add the application to the list.
- Repeat steps 4 - 7 for every application that you want to include in the object.
- Click OK to create the application object.
To save configuration changes made on the Barracuda CloudGen Firewall, click Send Changes and Activate. To save configuration changes made on the Barracuda Personal Firewall, use the option provided on the page, or click the Alt key, expand the Firewall menu, and select Save Configuration.