topic Can custom appIDs, without signatures, be applied directly to a security policy? in Custom Signatures https://live.paloaltonetworks.com/t5/custom-signatures/can-custom-appids-without-signatures-be-applied-directly-to-a/m-p/577931#M498 <P>For this discussion, we created custom appID `myApp`, it has NO signature.</P> <P>&nbsp;</P> <P>If `myApp` uses port 22, the port of another known app (SSH), then to use `myApp`, it must be applied to an App Override policy.</P> <P>&nbsp;</P> <P>But what if `myApp` uses unique port 2121, can then `myApp` be applied directly to a security policy or does it still need to be added to an App Override policy?&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>We want to create simple appIDs, with no signature, to be applied to various security policies so we can A) ID the app in the policy without having to reference a service port and B) to be able to cleanly/clearly ID the traffic in traffic logs.</P> <P>&nbsp;</P> <P>All the existing documentation I have found references creating custom appIDs using a port of a known app, but I can't find references to unique ports.&nbsp; As well, the documentation seems to imply that any apps applied to a security policy must have a signature while also implying custom apps without a signature must still use App Override policies.&nbsp; Its not very clear...IMO.</P> <P>&nbsp;</P> <P>Thanks</P> Wed, 21 Feb 2024 19:21:06 GMT rolinger 2024-02-21T19:21:06Z Can custom appIDs, without signatures, be applied directly to a security policy? https://live.paloaltonetworks.com/t5/custom-signatures/can-custom-appids-without-signatures-be-applied-directly-to-a/m-p/577931#M498 <P>For this discussion, we created custom appID `myApp`, it has NO signature.</P> <P>&nbsp;</P> <P>If `myApp` uses port 22, the port of another known app (SSH), then to use `myApp`, it must be applied to an App Override policy.</P> <P>&nbsp;</P> <P>But what if `myApp` uses unique port 2121, can then `myApp` be applied directly to a security policy or does it still need to be added to an App Override policy?&nbsp;&nbsp;</P> <P>&nbsp;</P> <P>We want to create simple appIDs, with no signature, to be applied to various security policies so we can A) ID the app in the policy without having to reference a service port and B) to be able to cleanly/clearly ID the traffic in traffic logs.</P> <P>&nbsp;</P> <P>All the existing documentation I have found references creating custom appIDs using a port of a known app, but I can't find references to unique ports.&nbsp; As well, the documentation seems to imply that any apps applied to a security policy must have a signature while also implying custom apps without a signature must still use App Override policies.&nbsp; Its not very clear...IMO.</P> <P>&nbsp;</P> <P>Thanks</P> Wed, 21 Feb 2024 19:21:06 GMT https://live.paloaltonetworks.com/t5/custom-signatures/can-custom-appids-without-signatures-be-applied-directly-to-a/m-p/577931#M498 rolinger 2024-02-21T19:21:06Z