Ensure Critical New App-IDs are Allowed
Create a security policy rule that allows critical App-IDs (like authentication or software development applications) as they’re installed. This gives you the flexibility to get the latest threat prevention without worrying about how the accompanying new App-IDs impact security policy enforcement.
New App-IDs can cause a change in policy enforcement for traffic that is newly-identified as belonging to a certain application. To mitigate any impact to security policy enforcement, you can use the New App-ID characteristic in a security policy rule so that the rule always enforces the most recently introduced App-IDs without requiring you to make configuration changes when new App-IDs are installed. The New App-ID characteristic always matches to only the new App-IDs in the most recently installed content releases. When a new content release is installed, the new App-ID characteristic automatically begins to match only to the new App-IDs in that content release version.
You can choose to enforce all new App-IDs, or target the security policy rule to enforce certain types of new App-IDs that might have network-wide or critical impact (for example, enforce only authentication or software development applications). Set the security policy rule to Allow to ensure that even if an App-ID release introduces expanded or more precise coverage for critical applications, the firewall continues to allow them.
New App-IDs are released monthly, so a policy rule that allows the latest App-IDs gives you a month’s time (or, if the firewall is not installing content updates on a schedule, until the next time you manually install content) to assess how newly-categorized applications might impact security policy enforcement and make any necessary adjustments.
- Select ObjectsApplication Filters and Add a new application filter.
- Define the types of new applications for which you want to ensure constant availability based on subcategory or characteristic. For example, select the category “auth-service” to ensure that any newly-installed applications that are known to perform or support authentication are allowed.
- Only after narrowing the types of new applications that you want to allow immediately upon installation, select Apply to New App-IDs only.
- Select PoliciesSecurity and add or edit a security policy rule that is configured to allow matching traffic.
- Select Application and add the new Application Filter to the policy rule as match criteria.
- Click OK and Commit to save your changes.
- To continue to adjust your security policy to account
for any changes to enforcement that new App-IDs introduce:
- Monitor New App-IDs—Monitor and get reports on new App-ID activity.
- See the New and Modified App-IDs in a Content Release—See how the newly-installed App-IDs impact your existing security policy rules.
Ensure Critical New App-IDs are Allowed
Ensure Critical New App-IDs are Allowed New App-IDs can cause a change in policy enforcement for traffic that is newly-identified as belonging to a certain ...
Monitor New App-IDs
Get visibility into newly-categorized App-IDs on your network, so that you are best equipped to update your security policy to most effectively control application traffic. ...
Manage New App-IDs Introduced in Content Releases
Manage New and Modified App-IDs New and modified App-IDs are delivered to the firewall as part of Applications and Threat Content Updates Applications and Threats ...
Workflow to Best Incorporate New and Modified App-IDs
Workflow to Best Incorporate New and Modified App-IDs Refer to this master workflow to first set up Application and Threat content updates, and then to ...
New App-ID Characteristic
New App-ID Characteristic The New App-ID characteristic is now found throughout the firewall web interface; in several different contexts, it enables you to filter for ...
Disable and Enable App-IDs
Disable and Enable App-IDs You can disable all App-IDs introduced in a content release if you want to immediately benefit from the latest threat prevention, ...
See How New and Modified App-IDs Impact Your Security Polic...
See How New and Modified App-IDs Impact Your Security Policy Newly-categorized and modified App-IDs can change the way the firewall enforces traffic. Perform a content ...
Simplified App-ID App-ID identifies the applications traversing your network—regardless of port, protocol, encryption, or any evasive tactics—so that you can safely enable desired applications and ...