To safely enable applications on your network, the Palo Alto Networks next-generation firewalls provide both an application and web perspective—App-ID and URL Filtering—to protect against a full spectrum of legal, regulatory, productivity, and resource utilization risks.
App-ID enables visibility into the applications on the network, so you can learn how they work and understand their behavioral characteristics and their relative risk. This application knowledge allows you to create and enforce security policy rules to enable, inspect, and shape desired applications and block unwanted applications. When you define policy rules to allow traffic, App-ID begins to classify traffic without any additional configuration.
New and modified App-IDs are released as part of Applications and Threat Content Updates—follow the Best Practices for Applications and Threats Content Updates to seamlessly keep your application and threat signatures up-to-date.
- App-ID Overview
- App-ID and HTTP/2 Inspection
- Manage Custom or Unknown Applications
- Manage New and Modified App-IDs
- Use Application Objects in Policy
- Safely Enable Applications on Default Ports
- Applications with Implicit Support
- Security Policy Rule Optimization
- Application Level Gateways
- Disable the SIP Application-level Gateway (ALG)
- Use HTTP Headers to Manage SaaS Application Access
- Maintain Custom Timeouts for Legacy Applications
Workflow to Best Incorporate New and Modified App-IDs
Workflow to Best Incorporate New and Modified App-IDs Refer to this master workflow to first set up Application and Threat content updates, and then to ...
Disable and Enable App-IDs
Disable and Enable App-IDs You can disable all App-IDs introduced in a content release if you want to immediately benefit from the latest threat prevention, ...
Manage New App-IDs Introduced in Content Releases
Manage New and Modified App-IDs New and modified App-IDs are delivered to the firewall as part of Applications and Threat Content Updates Applications and Threats ...
Applications and Threats Content Updates
Applications and Threats content updates equip Palo Alto Networks next-gen firewalls with the very latest threat prevention and application identification technology. ...
See the New and Modified App-IDs in a Content Release
See the New and Modified App-IDs in a Content Release For both downloaded and installed content updates, you can see a list of the new ...
Maintain the Data Center Best Practice Rulebase
As conditions in your data center change, update the Security policy rulebase accordingly. Modify rules to control new and modified applications, protect new servers and ...
Best Practices for Content Updates—Mission-Critical
Follow these best practices to deploying content updates in a mission-critical network, where application availability is top priority. ...
Maintain the Rulebase
Maintain the Rulebase Because applications are always evolving, your application whitelist also needs to evolve. Each time you make a change in what applications you ...
App-ID Features Policy Optimizer Optimize security policy by migrating legacy rules to application-based rules and removing unused applications from rules, without compromising availability. HTTP/2 Inspection ...