Special shoutout to Cyber Elite @reaper for his contribution to this blog!
Managing a security policy rulebase can be quite tedious. Content updates for applications are released at least weekly, if not more frequently. As a result, administrators can find themselves spending precious time working on change requests rather than working on more important matters.
Often overlooked, Application Filter objects can be a useful tool for administrators to streamline the security policy rulebase. An Application Filter is a dynamic object that can be created based on administrator-defined application attributes, including category, subcategory, risk factor, tags, and characteristics. Application filters can be utilized when you would like to allow users to access applications that are not explicitly sanctioned or block high-risk applications.
To create an Application Filter, you can navigate to Security Policy -> Application -> New Application Filter or you can navigate to Objects -> Application Filter -> Add. The application filter can then be attached to security policies under the application section.
As applications are re-categorized and as new applications are added, they will be added or removed from the filter dynamically. Administrators will no longer have to make additional changes to the policy rulebase to allow or deny any application that matches an organization's attributes. You can also exclude applications from the filter in case they need to be allowed/denied by your organization.
Thank you for taking the time to read this blog.
Don't forget to hit the Like (thumbs up) button and to Subscribe to the LIVEcommunity Blog area.
@JayGolf out!
