Add Applications to an Existing Rule

Use Policy Optimizer to add apps seen on a port-based Security policy rule to an existing application-based rule.
In some cases, you may want to add applications learned (seen) on a port-based rule to an application-based rule that already exists. For example, an administrator may create a cloned application-based rule for file-sharing applications from a port-based rule that allows internet access (a port 80/443 rule). A few days later, the administrator notices that the port-based internet access rule has seen more file-sharing applications and wants to add some or all of them to the cloned application-based rule because cloning another application-based rule for the same type of application would create an unnecessary rule and complicate the rulebase.
This example uses file-sharing applications to show you how to add applications to an existing rule.
  1. You have already taken the following steps to clone an application-based rule from the port-based internet access rule so you can control file-sharing apps:
    1. Clicked Compare (or the number in Apps Seen) in PoliciesSecurityPolicy OptimizerNo App Specified and filtered the file-sharing applications.
      apps-and-usage-file-sharing-apps-filter.png
    2. Selected the desired file-sharing applications and created a cloned rule.
      create-cloned-rule-file-sharing-apps.png
    3. Changed the Service from service-http and service-https to application-default.
  2. You check the port-based internet access rule later and discover that more file-sharing applications you need to allow for your business have been seen on the rule.
    apps-and-usage-file-sharing-apps-more-next-day.png
  3. Select the file-sharing apps you want to add to the existing rule.
    apps-and-usage-file-sharing-select-apps-add-to-existing-rule.png
  4. Click Add to Existing Rule and select the Name of the rule to which you want to add the applications, in this case, file-sharing-apps.
    add-apps-to-existing-rule-file-sharing.png
  5. Click OK to add the selected applications to the file-sharing-apps rule.
    add-apps-to-existing-rule-file-sharing-name-populated.png
  6. The updated rule now controls the original cloned file-sharing applications and the applications you just added.
    file-sharing-rule-updated-apps-alt-view.png

Related Documentation