Use tags to improve application and policy management.
You can now safely enable a broad set of applications
with common attributes using a single policy rule (for example,
you can allow your users broad access to web-based applications
or safely enable all enterprise VoIP applications). Palo Alto Networks
takes on the task of researching applications with common attributes
and delivers this through tags in dynamic content updates. This:
Minimizes errors and saves time.
Helps you to create policies that automatically update to handle
newly released applications.
Simplifies the transition toward an App-ID based rule set using Policy Optimizer.
firewall can then use your tag-based application filter to dynamically enforce
new and updated App-IDs, without requiring you to review or update
policy rules whenever new applications are added. This reduces the
chances that new or updated App-IDs will impact application availability
or that a risky application is misclassified. You aren't required
to know and assess every single application and can create policy
rules based on the tag. For categories with higher risk, this also makes
policy rules more precise as content updates keep the policy rules current.
you choose to exclude applications from a specific tag, new content
updates honor those exclusions. You can also use your own tags to
define applications types based on your policy requirements.