on 11-14-2019 10:54 AM - edited on 07-09-2020 01:48 PM by DawgsFan
Enabling App-ID on Security Policy rules helps to narrow down the traffic that passes through the firewall. Configuring a specific Service on the same policy further defines what kind of traffic is allowed. The App-ID with Service best practice check gives a percentage of rules where both App-ID is enabled and Service/Port is not set to any.