Overview
This article provides information on the use of layer 7 (L7) signatures to determine layer 7 applications.
Information
An L7 signature is used to determine layer 7 applications by deep packet inspection. It inspects using URL names, host servers, user interface protocols, and random port numbers used by the applications. It identifies specific traffic, and whether if it is used via web HTTP/HTTPS or application, and it helps to apply restrictions to that particular traffic.
In Exinda, when traffic is classified using L7 signatures in real-time monitoring, it cannot further recognize if it is being accessed via an application or web. The only way to do this is to determine which user is accessing the traffic, and what source they are using.