Next gen features on port based rules

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements
Please sign in to see details of an important advisory in our Customer Advisories area.

Next gen features on port based rules

L4 Transporter

Hello ,

 

We are in process on migrating port based rules to APP -ID but as it is time taking process , it may take us sometime .

 

Can we still enable Security profiles like AV, Antispyware , Vul Protection , Wildfire  , Data Blocking ; URL filtering on Port based rules ?

 

Or is there a preq to have APP ID for these features ?

 

we want to start applying Security profiles with less restrictive actions , observe and then take strict actions like reset or block

 

Kindly reply .

 

Thanks

1 accepted solution

Accepted Solutions

Cyber Elite
Cyber Elite

hi @FWPalolearner 

 

yes absolutely you can enable all the security profiles on your port based rules

the content engines are smart enough to detect for themselves which protocols they can and will scan so they can be applied to anything from any any to fully set app + app-default rules and will function as expected

 

there is no concept of 'overscanning' like some legacy firewalls (eg. smtp signatures will not be matched if the content engine detects http) so it is perfectly safe to enable _everything_ on all rules even if there are no applications

 

hope this helps

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

View solution in original post

3 REPLIES 3

L4 Transporter

Anyone please ?

Cyber Elite
Cyber Elite

hi @FWPalolearner 

 

yes absolutely you can enable all the security profiles on your port based rules

the content engines are smart enough to detect for themselves which protocols they can and will scan so they can be applied to anything from any any to fully set app + app-default rules and will function as expected

 

there is no concept of 'overscanning' like some legacy firewalls (eg. smtp signatures will not be matched if the content engine detects http) so it is perfectly safe to enable _everything_ on all rules even if there are no applications

 

hope this helps

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

@reaper Thanks a lot , really appreciate 

  • 1 accepted solution
  • 2732 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!