© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Creating Application Classes Working with Variables and Application Classes
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Objectives At the end of this lesson, you will be able to meet these objectives: Identify the purpose of creating application classes Describe the purpose of configuring static and dynamic application classes Describe how to configure an application class Create a dynamic application class Describe how to configure application class management options
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Web Browsers Application Class iexplore.exe netscape.exe Processes Generated by Allowed Applications Include/Exclude Application Classes
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Built-In Application Classes
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Configurable Built-In Application Classes
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Process Process defined in application class based on name Dynamic Application ClassStatic Application Class Process defined in application class based on behavior Static and Dynamic Application Classes
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Configuring an Application Class
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Defining a Dynamic Application Class Steps to define a dynamic application class: 1. Create a new application class by clicking the When Dynamically Defined by Policy Rules radio button. 2. Configure an application builder rule to dynamically populate this application class. 3. Configure another rule to control the actions of this dynamic application class.
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Practice: Creating a Dynamic Application Class
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Application Class Management
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v Summary Application classes are groups of application files combined under a common name. Built-in application classes are default preconfigured application classes shipped with CSA MC. Some of these built-in classes can be configured to suit your network security requirements. Static application classes are defined by the names of the application executables. Dynamic application classes are defined based on the behavior of an application.
© 2006 Cisco Systems, Inc. All rights reserved. HIPS v