- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
07-18-2014 09:45 AM
Hello
We currently block access to Scribd for our employees. We now want to allow Scribd and I was looking through the Applipedia and noticed "scribd-base" but it also has dependencies of "web-browsing" and ssl". If I add those dependencies will they permit ALL web-browsing (tcp 80) and ssl (443) traffic? Or will it be just limited to scribd-base?
Thank you
07-18-2014 12:19 PM
That will widely open up all traffic, categorized as web-browsing and SSL.
Thanks
07-18-2014 10:46 AM
Hello Ryan,
If you are using PANOS 5.0 and above you wouldn't be required to include dependent applications in the security policies.
Here is the document that explains the same:
How to Check if an Application Needs to have Explicitly Allowed Dependency Apps
Hope that helps!
Thank and regards,
Kunal Adak
07-18-2014 11:56 AM
Hi Kadak
Thank you for the link, very helpful!
We are on PAN OS 5.0.12
After reviewing the linked article and checking the implicit-use-applications list for Scribd, there are no apps listed. Therefor I would need to explicity allow web-browsing and ssl along with the scribd-base. In doing so, will the policy open up access to all websites that are identified as web-browsing and ssl? Or will the policy just apply when the user visits scribd.com?
THank You
07-18-2014 12:19 PM
That will widely open up all traffic, categorized as web-browsing and SSL.
Thanks
08-22-2014 09:09 AM
HULK is right,
Therefore PaloAlto is unable to allow a specific Application explicitly if it has dependencies, without allowing the dependencies as well.
There are many applications that are depends on web-browsing and ssl and allowing them would create a big "hole"
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!