App-IDs for March

Community Manager

Palo Alto Networks Live Community covers the details of new App-IDs. Learn which new App-IDs are being released. Customers can view a complete list with details. Determine whether a new functional App-ID affects your security policy structure. Find the answers you need here in the Live Community.

 

Customers please review the new App-IDs and their full description: New App-IDs for March 19, 2019 Release.

We encourage Palo Alto Networks customers to understand the new applications and decide if you'd like to enable the new apps in your policy.

 

From this announcement:

  • Understand if you will get visibility and control for an application heavily used in your environment.
  • Determine whether a new functional App-ID for an existing application affects your security policy structure.

 

Name Description
bananatag Bananatag is an email tracking application that provides users with services including email tracking, file tracking, email sending & scheduling, and email notifications. Users can also download email reports and integrate the app to CRM. This App-ID covers the traffic of web-based bananatag app and its chrome extension.
cip-ethernet-ip-list-identity (functional) This App-ID provides operate functional control over EtherNet/IP. EtherNet/IP was introduced in 2001 and today is the most developed, proven and complete industrial Ethernet network solution available for manufacturing automation. EtherNet/IP is a member of a family of networks that implements the Common Industrial Protocol (CIP) at its upper layers. CIP encompasses a comprehensive suite of messages and services for a variety of manufacturing automation applications, including control, safety, synchronization, motion, configuration and information. As a truly media-independent protocol that is supported by hundreds of vendors around the world, CIP provides users with a unified communication architecture throughout the manufacturing enterprise. This protocol is typically used in Supervisory Control and Data Acquisition (SCADA) and Industrial Control System (ICS) applications.
cip-ethernet-ip-reg-session (functional) This App-ID provides operate functional control over EtherNet/IP. EtherNet/IP was introduced in 2001 and today is the most developed, proven and complete industrial Ethernet network solution available for manufacturing automation. EtherNet/IP is a member of a family of networks that implements the Common Industrial Protocol (CIP) at its upper layers. CIP encompasses a comprehensive suite of messages and services for a variety of manufacturing automation applications, including control, safety, synchronization, motion, configuration and information. As a truly media-independent protocol that is supported by hundreds of vendors around the world, CIP provides users with a unified communication architecture throughout the manufacturing enterprise. This protocol is typically used in Supervisory Control and Data Acquisition (SCADA) and Industrial Control System (ICS) applications.
cip-ethernet-ip-send-rr-data (functional) This App-ID provides operate functional control over EtherNet/IP. EtherNet/IP was introduced in 2001 and today is the most developed, proven and complete industrial Ethernet network solution available for manufacturing automation. EtherNet/IP is a member of a family of networks that implements the Common Industrial Protocol (CIP) at its upper layers. CIP encompasses a comprehensive suite of messages and services for a variety of manufacturing automation applications, including control, safety, synchronization, motion, configuration and information. As a truly media-independent protocol that is supported by hundreds of vendors around the world, CIP provides users with a unified communication architecture throughout the manufacturing enterprise. This protocol is typically used in Supervisory Control and Data Acquisition (SCADA) and Industrial Control System (ICS) applications.
cip-ethernet-ip-send-unit-data (functional) This App-ID provides operate functional control over EtherNet/IP. EtherNet/IP was introduced in 2001 and today is the most developed, proven and complete industrial Ethernet network solution available for manufacturing automation. EtherNet/IP is a member of a family of networks that implements the Common Industrial Protocol (CIP) at its upper layers. CIP encompasses a comprehensive suite of messages and services for a variety of manufacturing automation applications, including control, safety, synchronization, motion, configuration and information. As a truly media-independent protocol that is supported by hundreds of vendors around the world, CIP provides users with a unified communication architecture throughout the manufacturing enterprise. This protocol is typically used in Supervisory Control and Data Acquisition (SCADA) and Industrial Control System (ICS) applications.
cloudme CloudMe is a file storage service that offers cloud storage, file synchronization and client software.
flipgrid Flipgrid is a video discussion platform for educators, students, and families. This app-id identifies traffic from the flipgrid web-browser client.
fmtp FMTP is Flight Message Transfer Protocol used in a peer-to-peer communications context for the information exchange between flight data processing systems.
iec-61850 IEC 61850 is an international standard defining communication protocols for intelligent electronic devices at electrical substations. It is a part of the International Electrotechnical Commission's (IEC) Technical Committee 57[1] reference architecture for electric power systems. The abstract data models defined in IEC 61850 can be mapped to a number of protocols. Current mappings in the standard are to MMS (Manufacturing Message Specification), GOOSE (Generic Object Oriented Substation Event), SMV (Sampled Measured Values),[clarification needed] and soon to Web Services. These protocols can run over TCP/IP networks or substation LANs using high speed switched Ethernet to obtain the necessary response times below four milliseconds for protective relaying.
iec-61850-delete-named-var-list This App-ID provides operate functional control over IEC-61850. IEC 61850 is an international standard defining communication protocols for intelligent electronic devices at electrical substations. It is a part of the International Electrotechnical Commission's (IEC) Technical Committee 57[1] reference architecture for electric power systems. The abstract data models defined in IEC 61850 can be mapped to a number of protocols. Current mappings in the standard are to MMS (Manufacturing Message Specification), GOOSE (Generic Object Oriented Substation Event), SMV (Sampled Measured Values),[clarification needed] and soon to Web Services. These protocols can run over TCP/IP networks or substation LANs using high speed switched Ethernet to obtain the necessary response times below four milliseconds for protective relaying.
iec-61850-getdatadir The ACSI GetDataDirectory and GetDataDefinition service shall be mapped to the MMS GetVariableAccessAttributes service.
kami Kami is a PDF and document annotation app for schools. This app-id identifies traffic from the Kami web-browser client.
mms-ics Manufacturing Message Specification (MMS) is an international standard (ISO 9506) dealing with messaging systems for transferring real time process data and supervisory control information between networked devices or computer applications. The standard is developed and maintained by the ISO Technical Committee 184 (TC184). MMS defines the following A set of standard objects which must exist in every device, on which operations like read, write, event signaling etc. can be executed. Virtual manufacturing device (VMD) is the main object and all other objects like variables, domains, journals, files etc. comes under VMD. A set of standard messages exchanged between a client and a server stations for the purpose of monitoring or controlling these objects. A set of encoding rules for mapping these messages to bits and bytes when transmitted.
nerohut NeroHut is a javascript miner that is embedded in websites and uses CPU resources while you visit such sites to mine the monero cryptocurrency. This App-ID identifies such mining activity giving you the ability to get visibility into such traffic and block it in an enterprise environment.
paloalto-dns-security Palo Alto Network's DNS Security service is a cloud-based analytics platform which provides your firewall with access to DNS signatures generated using advanced predictive analysis and machine learning, with malicious domain data from a growing threat intelligence sharing community.
parim Parim is a staff and employee management and scheduling software. This app-id identifies traffic from the parim web-browser client.
rainbow Alcatel-Lucent Rainbow™ is a cloud-based, enterprise-grade, Unified Communication as a Service (UCaaS) and Communication Platform as a Service (CPaaS) that connects people and systems within an organization. This AppID identifies traffic from the rainbow web-browser client.
recruitee Recruitee is Software as a service (Saas) that functions as an applicant tracking system (ATS). This app-id identifies traffic from the recruitee web-browser client.
zoominfo Zoominfo is a content database for business communications. This app-id identifies traffic from the zoominfo web-browser client.

 

We welcome your comments, questions, and suggestions below.

 

 

898 Views
Ask Questions Get Answers Join the Live Community
Labels