Disable new App-IDs included in a content
release to immediately benefit from protection against the latest
threats while continuing to have the flexibility to later enable App-IDs
after preparing necessary policy updates. You can disable all App-IDs
introduced in a content release, set scheduled content updates to
automatically disable new App-IDs, or disable App-IDs for specific
Policy rules referencing App-IDs only match
to and enforce traffic based on enabled App-IDs.
cannot be disabled and only allow a status of enabled. App-IDs that
cannot be disabled included some application signatures implicitly
used by other App-IDs (such as unknown-tcp). Disabling a base App-ID
could cause App-IDs which depend on the base App-ID to also be disabled.
For example, disabling facebook-base will disable all other Facebook App-IDs.
Disable all App-IDs in a content release
or for scheduled content updates.
To disable all new App-IDs introduced in a content
Application and Threats content release. When prompted, select
new apps in content update
. Select the check box to
disable apps and continue installing the content update; this allows
you to be protected against threats, and gives you the option to
enable the apps at a later time.
Disable new apps in content update
downloads and installations of content releases.
Disable App-IDs for one application or multiple applications
at a single time.
To quickly disable a single application or multiple
applications at the same time, click
. Select one or
more application check box and click
To review details for a single application, and then disable
the App-ID for that application, select
. You can use this step to disable both pending
App-IDs (where the content release including the App-ID is downloaded
to the firewall but not installed) or installed App-IDs.
Enable App-IDs that you previously disabled by selecting
Select one or more application check box and click
open the details for a specific application and click