Ensure Critical New App-IDs are Allowed
New App-IDs can cause a change in policy enforcement for traffic that is newly-identified as belonging to a certain application. You can now add the predefined New App-ID application filter to a security policy rule in order to use only new App-IDs as match criteria for the rule. You can choose to enforce all new App-IDs, or target the security policy rule to enforce certain types of new App-IDs (for example, enforce only authentication or software development applications). Set the security policy rule to Allow to ensure that even if an App-ID release introduces expanded or more precise coverage for critical applications, the firewall continues to allow them. New App-IDs are released on the third Tuesday of every month, and the application filter provides coverage for only those applications in the latest release. This gives you a month’s time (or, if the firewall is not installing content updates on a schedule, until the next time you manually install content) to assess how newly-categorized applications might impact security policy enforcement and make any necessary adjustments.
- Select ObjectsApplication Filters and Add a new application filter.
- Define the types of new applications for which you want to ensure constant availability based on subcategory or characteristic. For example, select the category “auth-service” to ensure that any newly-installed applications that are known to perform or support authentication are allowed.
- Only after narrowing the types of new applications that you want to allow immediately upon installation, select Apply to New App-IDs only.
- Select PoliciesSecurity and add or edit a security policy rule that is configured to allow matching traffic.
- Select Application and add the new Application Filter to the policy rule as match criteria.
- Click OK and Commit to save your changes.
- To continue to adjust your security policy to account
for any changes to enforcement that new App-IDs introduce:
- Get Increased Visibility Into New App-ID Activity —Monitor and get reports on new App-ID activity.
- Extended Policy Impact Review for Content Releases —See how the newly-installed App-IDs impact your existing security policy rules.