How to automate rules with App-ID

L0 Member

How to automate rules with App-ID

How can you automate firewall rule creation when App-ID is used? This seems easy enough on a port-based firewall, but I have yet to see anything addressing App-ID. A typical flow could look like this:


user submits firewall request form

appropriate approvals submitted

automation handles the form 

automation provisions the firewall based on the approved user request

 

How are people handling the automation/form submittal process when App-ID is used? The APP-ID webpage provides information as to what applications are available but does not seem to fit the use case listed above.

 

Hope you are having a great day!

L3 Networker

Re: How to automate rules with App-ID

One of the workflows I've seen allows users to select AppIDs on the FW CR form. Depending on your user base you could limit the AppID list to a curated selection, or do something fancy like filter based on which port the user selects.  You can pull the AppID DB from the firewalls/Panorama using the API, and the Application Default ports are listed for each AppID, so the data could come from there.

L0 Member

Re: How to automate rules with App-ID

Thanks! I was trying to parse the data from the App-ID website; I didn't realize I could use the local API.

L3 Networker

Re: How to automate rules with App-ID

I like the curated selection approach that @drogers mentions because it will simplify the request process and require less rework when the wrong application is selected. Giving an end-user a choice of 3,000+ App-ID signatures would be asking for trouble.

 
