Workflow to Best Incorporate New and Modified App-IDs
Refer to this master workflow to first set up Application and Threat content updates, and then to best incorporate new and modified App-IDs into your security policy. Everything you need to deploy content updates is referenced here.
- Align your business needs with an approach to
deploying Application and Threat content updates.Learn how Applications and Threat Content Updates work, and identify your organization as either mission-critical or security-first. Understanding which of these is most important to your business will help you to decide how to best deploy content updates and apply best practices to meet your business needs. You might find that you want to apply a mix of both approaches, perhaps depending on firewall deployment (data center or perimeter) or office location (remote or headquarters).
- Review and apply the Best Practices for Applications and Threats Content Updates based on your organization’s network security and application availability requirements.
- Configure a security policy rule to always allow new
App-IDs that might have network-wide impact, like authentication
or software development applications.The New App-ID characteristic matches to only the App-IDs introduced in the latest content release. When used in a security policy, this gives you a month’s time to fine tune your security policy based on new App-IDs while ensuring constant availability for App-IDs that fall into critical categories (Ensure Critical New App-IDs are Allowed).
- Set the schedule to Deploy Application and Threat Content Updates; this includes the option to delay new App-ID installation until you’ve had time to make necessary security policy updates (using the New App-ID Threshold).
- After you’ve setup a content updates installation schedule, you’ll want to regularly check in and See the New and Modified App-IDs in a Content Release.
- You can then See How New and Modified App-IDs Impact Your Security Policy, and make adjustments to your security policy as needed.
- Monitor New App-IDs to get a view into new App-ID activity on your network, so that you’re best equipped to make the most effective security policy updates.
Manage New App-IDs Introduced in Content Releases
Manage New and Modified App-IDs New and modified App-IDs are delivered to the firewall as part of Applications and Threat Content Updates Applications and Threats ...
Ensure Critical New App-IDs are Allowed
Create a security policy rule that allows critical App-IDs (like authentication or software development applications) as they’re installed. This gives you the flexibility to get ...
Applications and Threats Content Updates
Applications and Threats content updates equip Palo Alto Networks next-gen firewalls with the very latest threat prevention and application identification technology. ...
Disable and Enable App-IDs
Disable and Enable App-IDs You can disable all App-IDs introduced in a content release if you want to immediately benefit from the latest threat prevention, ...
Monitor New App-IDs
Get visibility into newly-categorized App-IDs on your network, so that you are best equipped to update your security policy to most effectively control application traffic. ...
App-ID To safely enable applications on your network, the Palo Alto Networks next-generation firewalls provide both an application and web perspective—App-ID and URL Filtering—to protect ...
Best Practices for Content Updates—Mission-Critical
Follow these best practices to deploying content updates in a mission-critical network, where application availability is top priority. ...
Maintain the Data Center Best Practice Rulebase
As conditions in your data center change, update the Security policy rulebase accordingly. Modify rules to control new and modified applications, protect new servers and ...
Deploy Applications and Threats Content Updates
Take these steps to activate a Threat Prevention license and to set the schedule for a Palo Alto Networks next-gen firewall to get the latest ...