Home  :  Products  :  Technology  :  App-ID

App-ID

In order to bring application visibility and control back to the IT department, Palo Alto Networks began with a clean sheet of paper, designing a traffic classification technology to accurately identify the applications traversing the network.  The result is App-ID™, a patent-pending traffic classification technology that enables administrators to determine exactly which applications are running on their network, irrespective of port, protocol, SSL encryption, or evasive tactic employed. In the past, if an unapproved or non-work-related application was detected on the corporate network, it was summarily removed or blocked. Today, the remove or block as the default response may not be appropriate due to the widespread use (often at the executive level) of these applications and their potential business benefits. 

A more pragmatic approach is to weigh the business impact against the security risks and in order to do that, administrators need to know more about the application. Using the application identity and description generated by App-ID, along with the application behavioral characteristics, the respective categories and subcategories and its underlying technology, administrators are empowered to make more informed decisions on how to treat an application traversing the network.

 

With increased visibility into the identity and behavior of the application, administrators can deploy comprehensive, policy-based application usage control for both inbound and outbound network traffic. With App-ID, IT can now:

  • Improve network visibility by accurately identifying application traffic irrespective of port and protocol.
  • Enhance security by dictating access rights based upon the actual application traffic as opposed to simply the port and protocol.
  • Increase malware threat detection and prevention effectiveness.

 


 

Whereas traditional port-based solutions use a single classification technique to identify traffic, App-ID goes well beyond any other network security technology available, using multiple classification techniques to accurately identify the application -- even those that use evasive tactics such as SSL encryption, port hopping and emulation. App-ID inspects all of the traffic passing through the firewall, with one or more of these techniques – including application protocol detection and decryption, application protocol decoding, application signatures, and heuristic analysis – to quickly identify the specific application associated with each packet stream.

Learn more by downloading App-ID datasheet MORE

RELATED LINKS :

Datasheet Download

Learn more about App-ID MORE

Watch Demo

App-ID Technology Overview MORE

Analyst Whitepaper       Download

Learn more about Next Generation Firewalls MORE

"The days when port = protocol = application are behind us. An increasing percentage of enterprise network traffic is being funneled through a few well-known ports, more port-hopping or dynamic application content, such as Web 2.0. In many cases, traffic is being encrypted."

Greg Young
Research Vice President
Gartner