non signature traffic

Reply
L3 Networker

non signature traffic

Can someone explain to me how the PA handles potential day zero traffic that doesn't conform to or have any signatures?

Thanks

Rod

L6 Presenter

Re: non signature traffic

Those flows will be identified as appid unknown-p2p, unknown-tcp or unknown-udp which you can (if you wish) create security rules for how you wish to handle those flows (for example deny). Or for that matter QoS profiles so unknown traffic gets lowest prio in your network.

L3 Networker

Re: non signature traffic

Smashing - thanks for taking the time to respond.

Rod

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!

The Live Community thanks you for your participation!