https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26751#M681 <HTML><HEAD></HEAD><BODY><P>Also refer <A _jive_internal="true" href="https://live.paloaltonetworks.com/docs/DOC-1071">https://live.paloaltonetworks.com/docs/DOC-1071</A></P></BODY></HTML> Tue, 25 Jun 2013 03:29:53 GMT sraghunandan 2013-06-25T03:29:53Z https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26748#M678 <HTML><HEAD></HEAD><BODY><P>Do I require a security rule if I create an application override rule?</P></BODY></HTML> Fri, 09 Nov 2012 23:38:12 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26748#M678 lisiecki 2012-11-09T23:38:12Z https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26749#M679 <HTML><HEAD></HEAD><BODY><P>yes, you will need a security policy rule to allow/block the custom app from your app override rule.</P></BODY></HTML> Sat, 10 Nov 2012 00:25:23 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26749#M679 SRA 2012-11-10T00:25:23Z https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26750#M680 <HTML><HEAD></HEAD><BODY><P>Hi lisiecki,</P><P></P><P>If we see in <A _jive_internal="true" href="https://live.paloaltonetworks.com/docs/DOC-2344">https://live.paloaltonetworks.com/docs/DOC-2344</A><SPAN style="font-size: 10pt; line-height: 1.5em;">, </SPAN><SPAN style="font-size: 10pt; line-height: 1.5em;">there will be no scanning performed on the session</SPAN><SPAN style="font-size: 10pt; line-height: 1.5em;"> in Application Override.</SPAN></P></BODY></HTML> Tue, 25 Jun 2013 03:14:14 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26750#M680 mgp 2013-06-25T03:14:14Z https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26751#M681 <HTML><HEAD></HEAD><BODY><P>Also refer <A _jive_internal="true" href="https://live.paloaltonetworks.com/docs/DOC-1071">https://live.paloaltonetworks.com/docs/DOC-1071</A></P></BODY></HTML> Tue, 25 Jun 2013 03:29:53 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26751#M681 sraghunandan 2013-06-25T03:29:53Z https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26752#M682 <HTML><HEAD></HEAD><BODY><P>I have a related question about application override.</P><P></P><P>Let's say we created custom app my-telnet.</P><P>Then we created an application override rule which identifies traffic let's say from network 10.10.10.0/24 to host 172.24.24.24 on port 24 as my-telnet</P><P>In security rules we have a more general rule allowing traffic from 10.0.0.0/8 to 172.24.0.0/16 for all applications on all ports. (so basically custom application my-telnet is not used anywhere in security policy)</P><P>Will session from 10.10.10.0/24 to host 172.24.24.24 on port 24 be recognised as my-telnet? </P></BODY></HTML> Wed, 23 Jul 2014 08:42:16 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26752#M682 santonic 2014-07-23T08:42:16Z https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26753#M683 <HTML><HEAD></HEAD><BODY><P>you will need to have the specific rule before the general rule for it to be recognized.&nbsp; Firewall rules are processed from top down and stop processing on the first match.</P></BODY></HTML> Wed, 23 Jul 2014 09:50:17 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26753#M683 pulukas 2014-07-23T09:50:17Z https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26754#M684 <HTML><HEAD></HEAD><BODY><P>Thanx for the answer but I think you're wrong.</P><P>I've decided to test it; I've created 'myapp' with no protocol/port.. definition.</P><P>I've created application override rule saying anything from certain IP address to destination port 222 is 'myapp'</P><P>I've created security policy with one rule which allows all traffic for all apps on any port.</P><P>Session from the IP address defined in application override rule to port 222 was recognised as 'myapp'</P></BODY></HTML> Wed, 23 Jul 2014 10:38:20 GMT https://live.paloaltonetworks.com/t5/automation-api-discussions/application-override/m-p/26754#M684 santonic 2014-07-23T10:38:20Z