App-ID identifies the applications traversing your network—regardless of port, protocol, encryption, or any evasive tactics—so that you can safely enable desired applications and block unwanted applications. Palo Alto Networks releases new App-IDs on a monthly basis that your security policy can begin to enforce without any additional configuration. While this dynamic enforcement of applications enables the firewall to control application traffic with ever-increasing precision, it can also impact the availability of mission-critical applications on which your organization relies.
Now, you no longer need to weigh availability for mission-critical applications against equipping the firewall with the latest application knowledge; with the following options, you can do both, and it’ll be easier for you to move to and maintain an application-based security policy:
- Characteristic to Enforce and Monitor New App-IDs —Ensure application availability for critical enterprise applications as new App-IDs are introduced, and get visibility into new App-ID activity on your network.
- Extended Policy Impact Review for Content Releases —Now, review how both downloaded and currently installed content releases impact security policy enforcement, for both new and modified App-IDs. (Previously, you could only perform a policy impact review for new App-IDs before installing a content release).
- Coverage Change Details for Modified App-IDs —Get details on how coverage for modified applications is now expanded or more precise.