07-22-2017 04:26 AM
HELLO EVERYONE !!
I GOT GENERAL QUESTION ABOUT ACC RISK FACTOR
IT REACHES 4.0
DOES THIS WILL MAKE THE PALOALTO GO SLOW ?
AND WHAT IS BEST VERIFIED APPLICATION THAT I SHOULD ADD
SO IT CAN LOWER THE RISK . IF YOU HAVE A LIST THAT WOULD BE HELPFUL
THANK YOU 🙂
07-25-2017 09:01 AM
Don't judge your actual risk factor by what the calculated risk factor is displayed as, that just has you worrying about potentially nothing. The default risk factor of applications will have that go up depending on what app-ids are being identified, however if you have a proper security rulebase configuration that locks everything down to sanctioned apps then I wouldn't be to worried about it.
Most applications will bring you close to a Risk cateogry of 4. App-ids such as ssl, youtube-base, web-browsing, google-base, facebook-video, facebook-base, apple-appstore, and many others are all Risk 4 app-ids. You can edit these if you simply want to tell management that your risk level has gone down, but really that number doesn't actually mean much of anything unless you've taken the time to fine-tune your different rulebases, created custom app-ids, lowered the Risk of known sanctioned applications that have inherint risks associated with them and so on. Otherwise I would kind of expect this to be anywhere from 3-4 depending on the type of network traffic that you are processing.
07-22-2017 04:58 AM
Regards,
Remo
07-25-2017 01:01 AM
Hi,
Just wanted to add something, if you trust those applications you can modify the risk factor for them. Of course its not recommended but this will decrease the risk factor.
Regards,
Sharief
07-25-2017 09:01 AM
Don't judge your actual risk factor by what the calculated risk factor is displayed as, that just has you worrying about potentially nothing. The default risk factor of applications will have that go up depending on what app-ids are being identified, however if you have a proper security rulebase configuration that locks everything down to sanctioned apps then I wouldn't be to worried about it.
Most applications will bring you close to a Risk cateogry of 4. App-ids such as ssl, youtube-base, web-browsing, google-base, facebook-video, facebook-base, apple-appstore, and many others are all Risk 4 app-ids. You can edit these if you simply want to tell management that your risk level has gone down, but really that number doesn't actually mean much of anything unless you've taken the time to fine-tune your different rulebases, created custom app-ids, lowered the Risk of known sanctioned applications that have inherint risks associated with them and so on. Otherwise I would kind of expect this to be anywhere from 3-4 depending on the type of network traffic that you are processing.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
