The Appliance Manager provides you with many ways to define and organize the applications you use. These include the following:Silver Peak appliances have over 120 built-in applications. For the latest information regarding default port numbers, see http://www.iana.org/assignments/port-numbers.When you create MATCH criteria in policies or ACLs, you have access to these applications via a drop-down list.
TCP Port Number(s) UDP Port Number(s) 7778, 27000, 28001–28002, 29000 EMC Avamar
[override ms_zone 29000] Backweb is a generic, background downloading tool that software vendors can incorporate into their product to download data (for example, product updates) to the user's PC. 8888 replication5085 session management 3218 data3682 management 1494, 2512–2513, 2598 7648–7652, 24032 1100, 1106, 6320, 6325 1100 old data6320 new data FileNet TMS Transfer Management SystemFileNet RPC Remote Procedure CallFileNet RMI Remote Method Invocation 8020–8021, 9000–9001, 50010, 50020, 50030, 50060, 50070, 50075, 50090, 50100, 50105, 50470, 500475 80, 591, 8008, 8080 WWW Hypertext Transfer Protocol (HTTP - RFC 1945, 2068, 2069, 2109, 2145) 143 IMAP2 and IMAP4220 IMAP3 585 secure IMAP (IMAP4-SSL)993 IMAP4 over SSL (IMAPS) A collection of IP security measures that comprise an optional tunneling protocol for IPv6; IP protocol AH and ESP 860 iSCSI system port3260 used for iSCSI connections Lightweight Directory Access Protocol
(LDAP over TCP - RFC 1777) 1433 Microsoft SQL Server1434 Microsoft SQL Monitor 6073, 28800–28999, 29001–29100, 47624 Network Time synchronization Protocol -- protocol providing time across a network with precise clocks; implemented over TCP and UDP 1521, 1525–1527, 1529, 1571, 1575, 1600, 1610, 1620, 1754, 1808–1809, 2481–2484 PeopleSoft enterprise application software
[detected from Oracle] 179 BGP Border Gateway Protocol201 RTM P Routing Table Messaging Protocol 3200, 330–3388, 3390–3399, 3600–3681, 3683–3699 [Redirection cluster (should never be seen in current flows); added for completeness] Session Initiated Protocol, or Session Initiation Protocol, an application-layer control protocol; a signaling protocol for Internet Telephony
• 118 SQL Services150 Oracle SQL*NET156 SQL Service 5000–5001, 5050, 5100–5101 In the menu bar, click Configuration > Application > Built-in to access the Configuration - Built-in Application page.
You can also define custom applications, by associating an application name with a protocol and a port number. For more granularity in the definitions, the standard MATCH criteria parameters are available:
•
•
•
• User-defined applications (UDA) are available in the Match Criteria when configuring any of the traffic maps (Route, Optimization, QoS), Access [Control] Lists (ACLs), or application groups.
n When creating a custom application on one appliance, you must create the same application on each corresponding device so that there is reporting symmetry. Doing so ensures that if an application has a name on one appliance, it isn’t listed as unassigned application on another, paired appliance.
n When it comes to flow and application statistics reports, user-defined applications are always checked before built-in applications.
n Ports are unique. If a port or a range includes a built-in port, then the custom application is the one that lays claim to it.
n If two distinctly named user-defined applications have a port number in common, then report results will be skewed, depending on the priority assigned to the custom applications. A port is only counted once.In the menu bar, click Configuration > Application > User-Defined to access the Configuration - User-Defined Applications page.
• You can create an application that uses the same port with tcp and with udp. In that case, use the option, tcp/udp.
• If you select tcp, udp, or tcp/udp, then you can access the Port field. If you don’t select one of those three specific protocols, then the Port field(s) are unavailable.
• If a UDA is in use, deleting it deletes all the dependent entries. A warning message appears before deletion.
• Multiple UDAs can have the same name. Whenever that name is referenced, the software sequentially matches against each UDA definition having that name. So, dependent entries are only deleted when you delete the last definition of that UDA.
• To allow any IP address, use 0.0.0.0/0.
•
• If your ACLs or policy maps contain MATCH conditions that involve multiple applications, you can simplify the MATCH criteria with application groups.For example, an application group, secure, might include SSH, HTTPS, and SFTP.
• You can modify the contents of an application group even when it’s used by an ACL or policy map. But you can’t rename it if it’s being used.
• If an application group is in use, deleting it deletes all the dependent entries. A warning message appears before deletion.When creating an application group on one appliance, you must create the same application group on each corresponding device so that there is reporting symmetry. Doing so ensures that if an application group has a name on one appliance, it isn’t listed as unassigned application on another, paired appliance.
1 In the menu bar, click Configuration > Application > Groups to access the Configuration - Application Groups page.
Please send comments or suggestions regarding user documentation to techpubs@silver-peak.com. |