Minimal configuration for Custom Apps

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Minimal configuration for Custom Apps

L0 Member

Our programmer wrote an app that uses TCP/9901 and 9902 to transfer data between the East and West buildings.  Let's call it JC-App.   What is the minimum configuration on both the East and West Firewalls?  Also, what would need to be added to require the use of Application Override ??   Thanks.  jc

1 REPLY 1

Cyber Elite
Cyber Elite

Hello,

 

If you do not wish the App to be checked for any attacks then use Application Override . If the application is HTTP based for example you can add  web-browsing as the parent application for example so that app will be checked for web attacks:

 

https://docs.paloaltonetworks.com/pan-os/u-v/custom-app-id-and-threat-signatures/custom-application-...

 

Also the firewall will check the session for the inbound direction and the return traffic will be auto allowed so if the traffic only from east to west then you will need to add the security rule on inbound interface of the east fw and then on the interface on the west fw that the west fw talks with east firewall.

 

https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClVECA0

Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!