SD-WAN Application/Service Tab
Application/Service tab in the SD-WAN policy rule configuration window.
Application/Servicetab to specify the applications or services to which the SD-WAN policy rule applies and to specify profiles (Path Quality, SaaS Quality, and Error Correction profiles) that apply to the applications or services.
Path Quality Profile
Select a path quality profile that determines the maximum jitter, latency and packet loss percentage thresholds you want to apply to the specified applications and services. If a path quality profile has not yet been created, you can create a
New SD-WAN Path Quality Profile.
SaaS Quality Profile
Select a SaaS quality profile to specify the path quality thresholds for latency, jitter, and packet loss for a hub or branch firewall that has Direct Internet Access (DIA) link to a Software-as-a-Service (SaaS) application. If a SaaS quality profile has not yet been created, you can create a
New SaaS Quality Profile. Default is
Error Correction Profile
Error Correction Profileor create a new Error Correction Profile, which specifies the parameters to control forward error correction (FEC) or path duplication for the applications or services specified in the rule. This profile can be used by either hub or branch firewall. Default is
Addspecific applications for the SD-WAN policy rule, or select
Any. If an application has multiple functions, select the overall application or individual functions. If you select the overall application, all functions are included and the application definition is automatically updated as future functions are added.
If you are using application groups, filters, or containers in the SD-WAN policy rule, view details of these objects by hovering over the object in the Application column, opening the drop-down, and selecting
Value. This allows you to view application members directly from the policy without having to navigate to the
Add only business-critical applications that are affected by latency, jitter, or packet loss. Avoid adding application categories or sub-categories as these are too broad and do not allow for per-application control.
Addspecific services for the SD-WAN policy rule and select on which ports packets from these services are allowed or denied:
When you use this option, only the default port matches the SD-WAN policy and action is enforced. Other services not on the default port may be allowed depending on the Security policy rule, but do not match the SD-WAN policy, and no SD-WAN policy rule action is taken.
For most services, use
application-defaultto prevent the service from using non-standard ports or exhibiting other evasive behaviors. If the default port for the service changes, the firewall automatically updates the rule to the correct default port. For services that use non-standard ports, such as internal custom services, either modify the service or create a rule that specifies the non-standard ports and apply the rule only to the traffic that requires the service.
Recommended For You
Recommended videos not found.