Cyber Elite

@jdprovine,

I don't believe you will ever really get rid of this rule and I personally wouldn't be too worried about it. To actually strictly use app-id on untrust based traffic you would essentially need to create a rule that incorporated every single app-id but those that you did not wish to allow from your trust to your untrust zone. This wouldn't be that hard to do, but maintaining this rule would take a lot of work as any app-id that PA identifies in the future would also need to be entered into this rule if you wish to allow access.

Depending on your security requirements it's likely not worth the time to actually attempt to fix this rule; 98% of environments that you visit will have the exact same type of rule assigned to their trust to untrust zones. Make sure that you have a good security profile assigned to this rule and call it done.

L7 Applicator

@BPry that is where Application Filters help you out.

Instead of creating static Application Groups you create dynamic Application Filters.

Enterprise Architect @ Cloud Carib www.cloudcarib.com
ACE, PCNSE, PCNSI
L4 Transporter

How do you set up dynamic application filters?

L4 Transporter
L4 Transporter

Thanks

L7 Applicator

Just gonna leave this here: What are the recommended applications for internet access? :)

Tom Piens - PANgurus.com
New to PAN-OS or getting ready to take the PCNSE? check out amazon.com/dp/1789956374
L4 Transporter

That is a very good question, reaper. I need to find out. This is a rule I did not create, but am currently auditing all the rules.
