Custom Application Signature

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Custom Application Signature

L2 Linker

Hello

For the same application, I have several links and ports (https://application.intra.mydomin.corp:8530/toto, https://application.intra.mydomin.corp:8130/titi, https://application.mydomin.corp:8530/toto,..) and I would like to create a rule and specify the application and not a rule based on the protocol. 

 

How I can create a custom application who match with my example ?

 

BR

3 REPLIES 3

L7 Applicator

Hi @CARRIERJerome 

 

Some help with creating a custom application signature you can find here in this knowledgebase article: https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA10g000000ClOFCA0

 

With your example:

Do you have TLS decryption enabled? If not, you will only be able to filter based on the fqdn. What you could do also - instead of creating a custom app - is using a custom url category and simply use this custom url category in your security policy rule (this does not require URL filtering license).

 

Regards,

Remo

Hello

My goal is to create an generic signature because my application has not always the sale fqdn but I have always the /toto or /titi after (application1.intra.domain.corp/toto, application1.intra.domain.corp/titi, application1.ext.domain.corp/toto,...). Is it possible and how I can create a signature based on *.intra.domain.corp/toto or *.intra.domain.corp/titi or *.ext.domain.corp/toto?

 

BR

I forgot to precise : our application uses differents port such as application1.intra.domain.corp/8085/toto, or application1.intra.domain.corp:8585/titi or application1.ext.domain.corp/8085/toto..

 

BR

  • 2352 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!