- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
07-29-2024 06:16 AM
Hello,
I have a question about app id.
The App-ID description contains a Deny Action description of the action taken.
Whatever action is imposed by the security policy, the flow will follow the action of the App Id?
07-29-2024 06:29 AM
This depends on what security rule the traffic is hitting and the action applied to that rule. You can learn more about how this actually works by looking at the action documentation HERE, but in short you can override the application default deny action by specifying anything other than deny in your policy.
07-29-2024 06:36 AM
If in my policy action is drop
and the App Id action is deny reset.
Which action will the firewall choose?
07-30-2024 01:26 AM
The deny action in APP-ID will customize what the firewall does if you create a deny security rule:
The allow, drop, and reset actions will set the same action for all sessions
The Deny action however, will block the connection, but will apply the action dictated by the app-id
This means that some applications will cause RST packets to be sent when blocked, while others may be silently discarded
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!