How to automate rules with App-ID

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

How to automate rules with App-ID

L0 Member

How can you automate firewall rule creation when App-ID is used? This seems easy enough on a port-based firewall, but I have yet to see anything addressing APP-ID. A typcial flow could look like this:


user submits firewall request form

appropriate approvals submitted

automation handles the form 

automation provisions the firewall based on the approved user request

 

How are people handling the automation/form submittal process when App-ID is used? The APP-ID webpage provides information as to what applications are available but does not seem to fit the use case listed above.

 

Hope you are having a great day!

1 accepted solution

Accepted Solutions

L3 Networker

One of the workflows I've seen allows users to select AppIDs on the FW CR form. Depending on your user base you could limit the AppID list to a curated selection, or do something fancy like filter based on which port the user selects.  You can pull the AppID DB from the firewalls/Panorama using the API, and the Application Default ports are listed for each AppID, so the data could come from there.

View solution in original post

3 REPLIES 3

L3 Networker

One of the workflows I've seen allows users to select AppIDs on the FW CR form. Depending on your user base you could limit the AppID list to a curated selection, or do something fancy like filter based on which port the user selects.  You can pull the AppID DB from the firewalls/Panorama using the API, and the Application Default ports are listed for each AppID, so the data could come from there.

Thanks! I was trying to parse the data from the App-ID website, I didnt realize I could use the local API.

I like the curated selection approach that @drogers mentions because it will silmplify the request process and require less rework when the wrong application is selected.  Giving an end-user a choice of 3,000+ App-ID signatures would be asking for trouble.

 

Screen Shot 2019-07-30 at 6.01.40 PM.png

  • 1 accepted solution
  • 6174 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!