[Oisf-users] Application awareness
Vishal Kotalwar
vishalkv at altencalsoftlabs.com
Wed Jul 20 06:38:51 UTC 2016
Thanks Andreas for the reply, appreciate it.
what I can tell you is, how I may use this feature (probable use cases)
if implemented.
1) Control or blocking of traffic: Example - I may want to allow
Facebook.com but block the games (say Farmville) or facebook chat
2) Statistics: I may want to know how many people are using Chrome
browser in my network, more detailed could be chrome from desktop/laptop
and mobile; next level could be which OS on those devices (e.g. windows,
linux, mac, Blackberry, android, ios etc)
3) Rate limit: I may want to rate limit video/audio streaming
applications on my network to free up bandwidth
On 20-Jul-16 12:41 AM, Andreas Herz wrote:
> On 19/07/16 at 16:49, Vishal Kotalwar wrote:
>> Hi All,
>>
>> I was going through all the information on suricata through different
>> websites and articles but could not find any information on application
>> recognition or classification capability. Does suricata have this feature or
>> is it in road-map for next releases.
> There is no dedicated application awareness although this depends on a
> ruleset as well.
> It is a feature we're looking into, but would need a lot of work.
>
> Do you have some more details about how you would want such a feature?
>
--
Thanks & Regards,
Vishal V. Kotalwar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openinfosecfoundation.org/pipermail/oisf-users/attachments/20160720/92c4f5e0/attachment-0002.html>
More information about the Oisf-users
mailing list