To safely enable applications and ensure top performance in your business, you must classify all traffic, across all ports, all the time. The flexible architecture of App-ID, a standard feature on our Next Generation Security Platform, allows you to easily create custom application signatures. These are useful to identify and control applications in the following circumstances:
Custom App-IDs can also be used in App-ID override rules (to override a device’s App-ID). An application override rule forcibly bypasses the App-ID process and sets a session to match a manually configured application name. For example, your corporate web server might be plainly identified as “web browsing,” and you might want to override with a specific name so it’s easily recognizable in the Application Command Center (ACC) and reports.
The following custom App-IDs were created to identify applications with topical interest.
Activities like these can have a dramatic effect on network traffic, given employee interest and the sheer volume of video streamed over the corporate network. Such events are also frequently used by attackers to spread malware. By creating custom application signatures, organizations can whitelist ALL applications, including those not identified by default. This results in the safe enablement of applications and a reduced surface area for attacks. These and future custom App-IDs can be accessed on the Palo Alto Networks Live Community.
You can create a signature-based custom App-ID by following these steps:
Inbuilt and custom App-IDs can reduce the attack surface and build stronger defenses against successful cyber breaches for your organization. To learn more:
By submitting this form, you agree to our Terms of Use and acknowledge our Privacy Statement. Please look for a confirmation email from us. If you don't receive it in the next 10 minutes, please check your spam folder.