New App Viewer (Policy Optimizer)

The Policy Optimizer
New App Viewer
shows you the Security policy rules that match downloaded cloud App-IDs from ACE. You can use Policy Optimizer to manage the newly identified applications and add them to cloned rules or to existing rules. Select
Policies
Security
to expose the
New App Viewer
in the
Policy Optimizer
portion of the interface and then select
New App Viewer
.
The upper portion of the screen is similar to
Objects
Application Filters
. It works in a similar manner and filters the Security policy rules shown in the lower portion of the screen. You can filter the rules that allow applications by category, subcategory, etc. The only categories and subcategories available for filtering are the ones that match the new applications on the rules listed in the lower half of the screen, so you don’t waste your time filtering for applications that aren’t there.
When you filter the rules, only the rules that include the filtered applications are shown in the lower portion of the screen. Rules that have not seen the apps in the filter are removed from the list. (You can see them all again by removing the filter.)
Click the number in the
Apps Seen
column to open the
Applications & Usage
dialog to change the way the firewall handles the cloud-based applications in Security policy. Add ACE App-IDs to Security policy rules using an Application Filter, an Application Group, Policy Optimizer, or by directly adding an ACE App-ID to a rule. Until you take one of these actions to control cloud-delivered App-IDs, the firewall continues to see the traffic as ssl, web-browsing, unknown-tcp, or unknown-udp traffic and uses existing ssl, web-browsing, unknown-tcp, or unknown-udp Security policy rules to control the applications.

Recommended For You