We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda CloudGen Firewall

This Firmware Version Is End-Of-Support

Documentation for this product is no longer updated. Please see End-of-Support for CloudGen Firewall Firmware for further information on our EoS policy.

How to Enable Layer 7 Application Profiling

  • Last updated on

Layer 7 Application Control is a legacy feature of the Barracuda NextGen Firewall F-Series. Barracuda Networks recommends using Application Control instead.

Before configuring Layer 7 Application Control in your firewall rules, you must enable it and configure default application handling and detection policies.

To use Layer 7 Application Control, you must have a valid Energize Updates subscription installed on the Barracuda NextGen Firewall F-Series.

Configure Application Detection

  1. Go to CONFIGURATION > Configuration Tree > Box > Infrastructure Services > General Firewall Configuration.
  2. In the left menu, select Application Detection.
  3. Click Lock.
  4. From the Enable Protocol Detection list, select yes.
  5. In the Application Detection Default Policy section, configure the default policy that will be applied to detected applications.
    Edit the following settings: 

    SettingDescription
    Application Policy

    Specifies how detected applications are handled. You can select one of the following policies:

    • No-Detection – Application detection is deactivated.
    • Detect-Only – Reports detected applications in the firewall access cache but takes no action.
    • Limit-Bandwidth – Limits the bandwidth for the traffic of detected applications. If you select this policy, you must enter the maximum bandwidth in the Application Bandwidth field.
    • Drop-Traffic – Blocks the traffic for detected applications.
    • Assign-QoS-Band – Assigns a QoS band to the traffic of detected applications, as specified by the default policy or the firewall rule.
    Application BandwidthMaximum  bandwidth in kilobits for the traffic of detected applications.
    Application QoS Band Shape Connector

    Default traffic shaping connector for the traffic of detected applications. You can select the Other check box and enter the ID value of the required shaping connector.

    A valid traffic shaping configuration is required to use this feature. You can choose a band from the predefined basic QoS profile template but you must still activate the overall use profile on the various network interfaces within the traffic shaping configurations.
  6. In the Application Detection Default Selection section, define the applications that the Barracuda NextGen Firewall F-Series must detect. By default, all supported applications are detected.
    • If you want to explicitly specify which applications must be detected, edit the following settings:
      • Use Preselected Applications - Select no.
      • Explicitly Add Applications - Add an entry for each application that the Barracuda NextGen Firewall F-Series must detect. 
    • If you want to use the preselected list of applications, edit the following settings:
      • Use Preselected Applications - Select yes.
      • Explicitly Skip Applications - Add an entry for each application that the Barracuda NextGen Firewall F-Series does not need to detect. 
    app.jpg
  7. Click Send Changes and Activate

Continue with How to Use Layer 7 Application Control in Firewall Rules.

Last updated on