AirWatch, SharePoint-Online and GlobalProtect MFA notification New App-IDs

by Community Manager on ‎07-18-2018 12:20 AM - last edited on ‎07-18-2018 04:44 PM by (5,886 Views)

If you have an active support contract, please read the full article here: Airwatch, Sharepoint-Online and GlobalProtect MFA: New App-IDs.

 

Background

At Palo Alto Networks, we're always looking for ways to provide better application visibility and control to our customers to help them safely enable these applications. An important part of this effort is to prepare customers for upcoming changes that carry a policy impact for a very popular application. 

 

With the Application and Threat Content Release of July 17, we have the following plan put in place for AirWatch and Sharepoint-Online App-IDs.

 

airwatch: VMware AirWatch is a Mobile device management (MDM), a device lifecycle management technology that enables IT to deploy, configure, manage, support and secure mobile devices through MDM profiles installed on the devices. 

 

sharepoint-online functional App-IDs: Sharepoint-online is an integral part of the Microsoft Office365 suite that allows users to share and collaborate documents within the Office 365 ecosystem. We are releasing new granular App-IDs to identify uploading, downloading, sharing and editing activity for sharepoint-online. 

 

palo-alto-gp-mfa-notification : MultiFactor Authentication gateway (firewall) sends an UDP notification message to GlobalProtect client, when the client accesses a non-browser (such as SSH) based resource, to notify the client/end-user to authenticate first before accessing the resource.

 

For both these new App-IDs, we foresee a policy impact where customers' existing policies might not accommodate new App-IDs. To help customers absorb these new App-ID updates without a policy impact, we are putting together the following plan:

 

  • July  17, 2018: We will be releasing the following placeholders App-IDs The placeholder App-IDs allow our customers to make any necessary policy changes to their firewalls ahead of time. A placeholder App-ID is just a shell that you can insert in security policies but does not have any signature in it. 
    • airwatch
    • sharepoint-online-sharing
    • sharepoint-online-downloading
    • sharepoint-online-uploading
    • sharepoint-online-editing
    • palo-alto-gp-mfa-notification
  • August 21, 2018 : We will functionally enable the placeholder App-IDs and all relevant traffic for these applications will start matching these App-IDs. 

Be ready! Customers can view the FAQs and more here.

 

 

 

Ask Questions Get Answers Join the Live Community
Labels