At Palo Alto Networks, we're always looking for ways to provide better application visibility and control to our customers to help them safely enable these applications. An important part of this effort is to prepare customers for upcoming changes that carry a policy impact for a very popular application.
With the Application and Threat Content Release of July 17, we have the following plan put in place for AirWatch and Sharepoint-Online App-IDs.
airwatch: VMware AirWatch is a Mobile device management (MDM), a device lifecycle management technology that enables IT to deploy, configure, manage, support and secure mobile devices through MDM profiles installed on the devices.
sharepoint-online functional App-IDs:Sharepoint-online is an integral part of the Microsoft Office365 suite that allows users to share and collaborate documents within the Office 365 ecosystem. We are releasing new granular App-IDs to identify uploading, downloading, sharing and editing activity forsharepoint-online.
palo-alto-gp-mfa-notification :MultiFactor Authentication gateway (firewall) sendsan UDPnotification message to GlobalProtect client, when the client accesses a non-browser (such as SSH) based resource, to notify the client/end-user to authenticate first before accessing the resource.
For both these new App-IDs, we foresee a policy impact where customers' existing policies might not accommodate new App-IDs. To help customers absorb these new App-ID updates without a policy impact, we are putting together the following plan:
July 17, 2018: We will be releasing the following placeholders App-IDsThe placeholder App-IDs allow our customers to make any necessary policy changes to their firewalls ahead of time. A placeholder App-ID is just a shell that you can insert in security policies but does not have any signature in it.
August 21, 2018 : We will functionally enable the placeholder App-IDs and all relevant traffic for these applications will start matching these App-IDs.
Be ready! Customers can view theFAQsand more here.