An application filter is an object that dynamically groups applications based on
application attributes that you define, including category, subcategory, technology,
risk factor, and characteristic. This is useful when you want to safely enable
access to applications that you do not explicitly sanction, but that you want users
to be able to access. For example, you may want to enable employees to choose their
own office programs (such as Evernote, Google Docs, or Microsoft Office 365) for
business use. To safely enable these types of applications, you could create an
application filter that matches on the Category
business-systems
and the Subcategory
office-programs
. As new applications office programs
emerge and new App-IDs get created, these new applications will automatically match
the filter you defined; you will not have to make any additional changes to your
policy rulebase to safely enable any application that matches the attributes you
defined for the filter.