Applications and Usage
- Policies > Security > Policy Optimizer > No App Specified > Compare (or click the number in Apps Seen)
- Policies > Security > Policy Optimizer > Unused Apps > Compare (or click the number in Apps Seen)
- Policies > Security and click the number in Apps Seen
On the Usage tab of the Security policy rule, you can also Compare Applications & Applications Seen to access tools that help you to migrate from port-based Security policy rules to application-based Security policy rules and to eliminate unused applications from rules in Applications & Usage.
The time period for the application information:
Apps on Rule
The applications configured on the rule or Any if no specific applications are configured on the rule. You can Browse, Add, and Delete applications as needed, and applications are configured on a rule, the circled number next to Apps on Rule indicates how many. Adding applications from this location is the same as adding applications on the Security policy rule Application tab.
All applications seen and allowed on the firewall that matched the rule. The circled number next to Apps Seen indicates how many applications were seen on the rule.
Apps Seen Actions
Actions you can perform on Apps Seen:
Add to This Rule dialog
Add Apps to Existing Rule dialog
When you select applications from Apps Seen and Create Cloned Rule or Add to Rule that have related applications, these dialogs list:
The Clone, Add to Rule, and Add Apps to Existing Rule dialogs help to ensure that applications don’t break and enable you to future-proof the rule by including relevant individual applications that are related to the applications you’re cloning or adding to a rule.
Migrate Port-Based to App-ID Based Security Policy Rules
Policy Optimizer converts port-based Security policy rules to app-based rules without compromising app availability to safely enable applications. ...
Convert the Web Access Rule Using Subcategories
Convert legacy port-based HTTP/HTTPS (port 80/443) internet access rules to application-based rules. ...
Identify Security Policy Rules with Unused Applications
Policy Optimizer finds Security policy rules that specify applications not seen on your network so you can remove the unused apps to reduce the attack ...
Convert Rules With Few Apps Seen Over a Time Period
Convert legacy port-based security policy rules that have seen the fewest applications to application-based rules. ...
Rule Cloning Migration Use Case: Web Browsing and SSL Traffic
Example of migrating port-based Security policy rules for web browsing and SSL traffic to app-based rules without affecting application availability. ...
Convert the Most Stable Rules
Convert legacy port-based security policy rules that have seen no new applications for a period of time to application-based rules. ...
Migrate to Application-Based Policy Using Policy Optimizer
Convert legacy port-based Security policy rules to application-based rules to gain visibility into and control over applications. ...
Security Policy Rule Usage
Security Policy Optimizer Policies > Security > Policy Optimizer Policies Security Policy Optimizer displays: No App Specified —Rules that have the application set to any ...
Convert Simple Rules with Few Well-Known Applications
Convert legacy port-based security policy rules that control a small number of well-known applications after one week of monitoring production traffic. ...