https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247896#M70530 <P><SPAN>MAny thanks for great info.</SPAN></P><P><SPAN>Much appreciated&nbsp;answering the question</SPAN></P> Tue, 29 Jan 2019 01:51:47 GMT MP18 2019-01-29T01:51:47Z https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247841#M70517 <P>need to confirm if i use rule with any any and no security profile does it do any layer 7 inspection?</P><P>&nbsp;</P><P>is this same as app override?</P> Mon, 28 Jan 2019 20:02:48 GMT https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247841#M70517 MP18 2019-01-28T20:02:48Z https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247858#M70520 <P><a href="https://live.paloaltonetworks.com/t5/user/viewprofilepage/user-id/75039">@MP18</a>,</P><P>It still does layer-7 inspection and the application will still be identified. Essentially you would just be allowing any traffic and the firewall won't have any actions to take when it identifies a threat.&nbsp;</P><P>&nbsp;</P> Mon, 28 Jan 2019 20:38:18 GMT https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247858#M70520 BPry 2019-01-28T20:38:18Z https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247859#M70521 <P>IF you do this:</P><P>&nbsp;</P><P>&lt;SRC IP&gt; any &lt;DST IP&gt; any &lt;APP&gt; any &lt;DST PRT&gt; any&nbsp;</P><P>&nbsp;</P><P>There will be no controls around L7 enforcement.&nbsp; It will still identify application and ports, but shouldn't enforce any policy or control around what port an application uses.</P> Mon, 28 Jan 2019 20:39:54 GMT https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247859#M70521 Brandon_Wertz 2019-01-28T20:39:54Z https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247875#M70525 <P>If you don't attach security profile then application is identified but traffic is not checked against threats.</P><P>Also no threat prevention logs will appear in firewall (including URL filtering) for traffic that matched this rule.</P> Mon, 28 Jan 2019 22:53:45 GMT https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247875#M70525 Raido_Rattameister 2019-01-28T22:53:45Z https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247895#M70529 <P>MAny thanks for great info</P> Tue, 29 Jan 2019 01:51:10 GMT https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247895#M70529 MP18 2019-01-29T01:51:10Z https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247896#M70530 <P><SPAN>MAny thanks for great info.</SPAN></P><P><SPAN>Much appreciated&nbsp;answering the question</SPAN></P> Tue, 29 Jan 2019 01:51:47 GMT https://live.paloaltonetworks.com/t5/general-topics/rule-any-any-with-no-security-profile/m-p/247896#M70530 MP18 2019-01-29T01:51:47Z