How can you automate firewall rule creation when App-ID is used? This seems easy enough on a port-based firewall, but I have yet to see anything addressing APP-ID. A typical flow could look like this:
user submits firewall request form
appropriate approvals submitted
automation handles the form
automation provisions the firewall based on the approved user request
How are people handling the automation/form submittal process when App-ID is used? The APP-ID webpage provides information as to what applications are available but does not seem to fit the use case listed above.
Hope you are having a great day!
One of the workflows I've seen allows users to select AppIDs on the FW CR form. Depending on your user base you could limit the AppID list to a curated selection, or do something fancy like filter based on which port the user selects. You can pull the AppID DB from the firewalls/Panorama using the API, and the Application Default ports are listed for each AppID, so the data could come from there.
I like the curated selection approach that @drogers mentions because it will simplify the request process and require less rework when the wrong application is selected. Giving an end-user a choice of 3,000+ App-ID signatures would be asking for trouble.
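The curated, port-filtered App-ID picker described in the replies above, sketched as an added example that is not part of the original thread or any vendor code. It assumes the application database has already been exported over the API as XML with `entry`/`default`/`port`/`member` elements; the sample entries, the `CURATED` set and all function names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample; port values are illustrative, not copied from a content release.
SAMPLE_XML = """
<application>
  <entry name="ssh"><default><port><member>tcp/22</member></port></default></entry>
  <entry name="dns"><default><port><member>tcp/53</member><member>udp/53</member></port></default></entry>
  <entry name="ms-rdp"><default><port><member>tcp/3389</member></port></default></entry>
  <entry name="example-multi"><default><port><member>tcp/8080,8443-8444</member></port></default></entry>
  <entry name="example-dynamic"><default><port><member>tcp/dynamic</member></port></default></entry>
  <entry name="example-no-port"><default/></entry>
</application>
"""
# Hypothetical curated list maintained by the firewall team.
CURATED = {"ssh", "dns", "example-multi", "example-dynamic"}

def parse_member(member):
    """'tcp/80,8443-8444' -> ('tcp', [(80, 80), (8443, 8444)]); non-numeric specs are skipped."""
    proto, _, spec = member.strip().partition("/")
    ranges = []
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        if lo.isdigit() and (not hi or hi.isdigit()):
            ranges.append((int(lo), int(hi or lo)))
    return proto.lower(), ranges

def load_default_ports(xml_text):
    """Map each App-ID name to its parsed default-port specs."""
    apps = {}
    for entry in ET.fromstring(xml_text).iter("entry"):
        members = entry.findall("./default/port/member")
        apps[entry.get("name")] = [parse_member(m.text) for m in members if m.text]
    return apps

def choices_for(apps, curated, proto, port):
    """App-IDs to offer on the request form for the port the user selected."""
    return sorted(
        name for name, specs in apps.items()
        if name in curated
        and any(p == proto and lo <= port <= hi for p, rs in specs for lo, hi in rs)
    )

def validate_request(apps, curated, app, proto, port):
    """Automation-side check before provisioning: reject anything the form should not have offered."""
    if app not in curated:
        return False, "application is not on the curated list"
    if app not in choices_for(apps, curated, proto, port):
        return False, "port is not a default port for this application"
    return True, "ok"

APPS = load_default_ports(SAMPLE_XML)
```

Running the same `validate_request` check in the provisioning step, not only in the form, keeps a hand-edited or replayed request from creating a rule the curated list would not have allowed.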