New and modified App-IDs are delivered to the firewall as part of Applications and Threats Content Updates. While new and modified App-IDs enable the firewall to enforce your security policy with ever-increasing precision, changes in security policy enforcement that can occur when a content update release is installed can impact application availability. For this reason, you will need to think about how to best deploy content updates so that you can get the latest threat prevention as it’s made available, and adjust your security policy to best leverage new and modified App-IDs.

The following options enable you to assess the impact of new App-IDs on existing policy enforcement, disable (and enable) App-IDs, and seamlessly update policy rules to secure and enforce newly-identified applications:

You can also take advantage of the Streamlined App-ID Policy Rules that use application tags provided in the content updates.