Tag Based on Traffic

We can use tags to direct traffic through policies, block/allow content, and more. Devices can be manually tagged, but some situations may require you to tag the traffic itself instead of the host devices. For example you may only want to bypass a user when they are using a specific application or certain websites.


In these cases you can tag traffic based on many different conditions from the Config > Events > Triggers Tab. 


Create a new trigger for the event you want to tag. 

IMPORTANT: Tag Lifetime - Keep this setting low if you only want the host filtered during the use of the tag event. For example, you want the Netflix app bypassed, but not other traffic from the device, you want it to keep checking for that event to create a new tag and not bypass normal traffic.

Example: Application Control Event for Netflix App

  1. Go to Application Control > Applications. Search for Netflix. Copy the value for the application.
  2. Close Application Control and go to Config > Events > Triggers. Add a new rule. 
    • The Class will be "ApplicationControlLogEvent"
    • Add a condition for "application"
    • Enter the value you copied from Application Control, in this case "NETFLX"
    • Action Type is "Tag Host"
    • Target is "activeHosts"
    • Tag name can be whatever you want it to be
    • Set the Tag Lifetime to an appropriate value that accounts for the average length of time any given session may be. In this case, since we're streaming content that is between 20 minutes and 2 hours, anything between 10 minutes and 100 minutes should be fine.



Once the tag is set, you are able to filter the traffic however is needed for your circumstances (bypass rules, firewall rules, different policies, TunnelVPN route rules, etc.).


Was this article helpful?
2 out of 5 found this helpful
Have more questions? Submit a request



Please sign in to leave a comment.

Powered by Zendesk