An application filter is an object that dynamically
groups applications based on application attributes that you define, including
category, subcategory, technology, risk factor, and characteristic.
This is useful when you want to safely enable access to applications
that you do not explicitly sanction, but that you want users to
be able to access. For example, you may want to enable employees
to choose their own office programs (such as Evernote, Google Docs,
or Microsoft Office 365) for business use. To safely enable these
types of applications, you could create an application filter that matches
on the Category business-systems and the Subcategory office-programs.
As new applications office programs emerge and new App-IDs get created,
these new applications will automatically match the filter you defined;
you will not have to make any additional changes to your policy
rulebase to safely enable any application that matches the attributes
you defined for the filter.