Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Creating a Custom Application (NSM Procedure)

    You use the NSM Object Manager to create a custom application.

    To create a custom application object:

    1. In the NSM Object Manager, select Application Objects.
    2. Click the Custom Application Objects tab.
    3. Click the + icon to display the New Custom Application dialog box, shown in Figure 1.
    4. Configure custom application properties, as described in Table 1.
    5. Click OK to save the object.

    Figure 1: NSM Object Manager: New Custom Application Dialog Box

    Image s036771.gif

    Table 1: NSM Object Manager: Custom Application Objects

    Tab

    Property

    Configuration Guidelines

    General

    Name

    Specify a descriptive name. Use the conventions of the predefined application object names as a model.

    Application Category

    Specify an application category. Use the same categories as the predefined application objects, or specify a new category if needed.

    Supported Platforms

    Click the edit icon to display the selection box. Then select the platforms you plan to test against.

    Port Ranges

    Specify the range of TCP and UDP ports where the application might run. The application is identified only if the server port is within the specified range.

    Detector

    Port Binding

    (Optional) Specify the standard ports on which the application usually runs.

    Signature

    Specify a pattern match for client-to-server and server-to-client directions. IDP OS Release 5.1 supports only DFA patterns, not PCRE.

    Minimum data length

    Specify a minimum data length to examine to match this pattern.

    Signature Match Order

    Specify a signature match order. Order numbers are relative to each other. In cases where traffic matches multiple objects, an application object with the lower signature match-order number is considered the match. Be sure to examine all applications that might have the same protocol, port, and pattern; and then select a relative match order suited for the results you expect.


    Published: 2011-02-08