https://live.paloaltonetworks.com/t5/general-topics/what-application-should-be-allowed-if-want-allow-port-443/m-p/9970#M7300 <HTML><HEAD></HEAD><BODY><P>If you are unsure which application to allow, just open service tcp/443 and check the application in the traffic logs. You can then change the security policy rule to the correct application and application default as service.</P></BODY></HTML> Wed, 04 Feb 2015 09:38:20 GMT Tijl 2015-02-04T09:38:20Z https://live.paloaltonetworks.com/t5/general-topics/what-application-should-be-allowed-if-want-allow-port-443/m-p/9967#M7297 <HTML><HEAD></HEAD><BODY><P>We have to allow https (443) to access an application over internet. So what application should be allowed?</P></BODY></HTML> Tue, 03 Feb 2015 17:43:22 GMT https://live.paloaltonetworks.com/t5/general-topics/what-application-should-be-allowed-if-want-allow-port-443/m-p/9967#M7297 vsingh 2015-02-03T17:43:22Z https://live.paloaltonetworks.com/t5/general-topics/what-application-should-be-allowed-if-want-allow-port-443/m-p/9968#M7298 <HTML><HEAD></HEAD><BODY><P>Hello Vsingh,</P><P></P><P>Palo Alto FW's are not like a traditional port based firewall, hence you have specify the application i.e SSL, in order to allow the traffic.</P><P></P><P><IMG alt="SSL.jpg" class="image-0 jive-image" src="https://live.paloaltonetworks.com/legacyfs/online/18143_SSL.jpg" style="height: 361px; width: 620px;" /></P><P></P><P>You may check our <A href="https://applipedia.paloaltonetworks.com/" title="https://applipedia.paloaltonetworks.com/">Application Research Center</A> for more details.</P><P></P><P></P><P>Thanks</P></BODY></HTML> Tue, 03 Feb 2015 17:52:45 GMT https://live.paloaltonetworks.com/t5/general-topics/what-application-should-be-allowed-if-want-allow-port-443/m-p/9968#M7298 HULK 2015-02-03T17:52:45Z https://live.paloaltonetworks.com/t5/general-topics/what-application-should-be-allowed-if-want-allow-port-443/m-p/9969#M7299 <HTML><HEAD></HEAD><BODY><P>It will depend on requirement and granularity you are trying to achieve. There are many applications that runs of Port 443. You have couple of options :</P><P></P><P>1. Allow ports 443 (HTTPS) under Services in Security Policy (This will allow all application running on port 443)</P><P></P><P>2. Allow SSL as application, this by default runs on 443 so it will be allowed. Hope this helps. Thank you.</P></BODY></HTML> Tue, 03 Feb 2015 18:02:39 GMT https://live.paloaltonetworks.com/t5/general-topics/what-application-should-be-allowed-if-want-allow-port-443/m-p/9969#M7299 ssharma 2015-02-03T18:02:39Z https://live.paloaltonetworks.com/t5/general-topics/what-application-should-be-allowed-if-want-allow-port-443/m-p/9970#M7300 <HTML><HEAD></HEAD><BODY><P>If you are unsure which application to allow, just open service tcp/443 and check the application in the traffic logs. You can then change the security policy rule to the correct application and application default as service.</P></BODY></HTML> Wed, 04 Feb 2015 09:38:20 GMT https://live.paloaltonetworks.com/t5/general-topics/what-application-should-be-allowed-if-want-allow-port-443/m-p/9970#M7300 Tijl 2015-02-04T09:38:20Z