Applies To:Show Versions
Application Filter Configuration
About SWG configurations that support application filtering
Secure Web Gateway (SWG) supports application filtering for use with or without an SWG subscription for specific configurations only.
SWG supports application filtering in these configurations:
- Explicit forward proxy
- Transparent forward proxy
- LTM SSL forward proxy with SWG
SWG does not support application filtering in these configurations:
- Remote access forward proxy
- Web access management (APM® and LTM® in reverse proxy mode)
About application families
Secure Web Gateway (SWG) supports a predefined set of application families and applications. An application family name characterizes the type of applications associated with it. Users cannot add applications or application families to SWG.
About application filters
An application filter specifies the applications (and application families) that Secure Web Gateway (SWG) supports and a filtering action (allow or block) for each application. An application filter can be used in a per-request policy in a supported SWG configuration to control access to supported applications.
SWG provides predefined application filters: block-all, allow-all, and default. The default application filter allows access to some application families and blocks access to others. Users can define their own application filters and use those that SWG provides.
Overview: Configuring filters for application access
Secure Web Gateway (SWG) provides a few default application filters and you can configure additional filters. Application filtering is effected in a per-request policy in supported SWG configurations.
Specifying the default filter action for an application
On the Main tab, click
.The Applications screen displays.
- To view applications, expand an application family.
To modify the default filter action for an application:
Click the application name.
An Application Properties screen displays.
From the Default Filter Action list, retain the
displayed setting or select another.
The options are Block and Allow.
The Applications screen displays.
- Click the application name.
Configuring application filters
On the Main tab, click
.Click the name of any filter to view its settings.Note: Default application filters, such as block-all, allow-all and default, are available. You cannot delete default application filters.The Application Filters screen displays.
To configure a new application filter, click one of these:
Another screen opens.
- Create button - Click to start with an application filter with the default filter action specified for each application.
- Copy link - Click this link for an existing application filter in the table to start with its settings.
- In the Name field, type a unique name for the application filter.
- In the Description field, type any descriptive text.
The properties screen displays with an Associated Applications table.
To block access to particular applications or entire application families,
select them and click Block.
Important: When you select an application family, you also select the related applications. You can expand the application family and clear any applications that are selected.Important: To block any applications that Secure Web Gateway cannot categorize, select the application family Unknown.
- To allow access to particular applications or entire application families, select them and click Allow.