Firewall rule with content/application matching for custom QoS/Gateway configurations
Allow firewall rules to "match" by application, and thus permit custom routing/qos. E.g (Streaming out lower cost WAN1, VoIP out faster/more expensive WAN2)
This would be (layer7) application based (Not Subnet/Port based)


We are making improvements in this area with version 18.
4 comments
-
Prism commented
Hi Richard,
Is there any news on this request? Will this feature be available on v18.5?
Thanks!
-
William de Vos - IMPROVES B.V. commented
Hi Richard,
Can you explain these "improvements"? I heard something about SSL scanning related App matching, what we want is firewall rules matching Apps, currently firewall rules only match destination IP/FQDN.
-
Ali Akbar commented
This was the key difference between PALOALTO and FORTIGATE.
FORIGATE with version 5.6 started this approach and are way ahead of the competition now.Sophos team needs to work hard as this approach has created many sales opportunities where sophos always failed.
There is no ETA also for the feature.
-
William de Vos - IMPROVES B.V. commented
I support this idea, much easier to create firewall rules that get hit when matching app gets detected then to create a complete app control filter just because alot of different traffic is hitting the same firewall rule.