This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Next gen features on port based rules

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Next gen features on port based rules

Go to solution
FWPalolearner
L4 Transporter

‎01-13-2021 01:25 AM - last edited on ‎06-03-2021 08:07 PM by Community Manager

Hello ,

 

We are in process on migrating port based rules to APP -ID but as it is time taking process , it may take us sometime .

 

Can we still enable Security profiles like AV, Antispyware , Vul Protection , Wildfire  , Data Blocking ; URL filtering on Port based rules ?

 

Or is there a preq to have APP ID for these features ?

 

we want to start applying Security profiles with less restrictive actions , observe and then take strict actions like reset or block

 

Kindly reply .

 

Thanks

Labels:
0 Likes Likes
1 accepted solution

Accepted Solutions

Go to solution
reaper
Cyber Elite
Cyber Elite

‎01-13-2021 05:11 AM

hi @FWPalolearner 

 

yes absolutely you can enable all the security profiles on your port based rules

the content engines are smart enough to detect for themselves which protocols they can and will scan so they can be applied to anything from any any to fully set app + app-default rules and will function as expected

 

there is no concept of 'overscanning' like some legacy firewalls (eg. smtp signatures will not be matched if the content engine detects http) so it is perfectly safe to enable _everything_ on all rules even if there are no applications

 

hope this helps

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization

View solution in original post

0 Likes Likes
3 REPLIES 3

Go to solution
FWPalolearner
L4 Transporter

‎01-13-2021 02:52 AM

Anyone please ?

0 Likes Likes

Go to solution
reaper
Cyber Elite
Cyber Elite

‎01-13-2021 05:11 AM

hi @FWPalolearner 

 

yes absolutely you can enable all the security profiles on your port based rules

the content engines are smart enough to detect for themselves which protocols they can and will scan so they can be applied to anything from any any to fully set app + app-default rules and will function as expected

 

there is no concept of 'overscanning' like some legacy firewalls (eg. smtp signatures will not be matched if the content engine detects http) so it is perfectly safe to enable _everything_ on all rules even if there are no applications

 

hope this helps

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
0 Likes Likes

Go to solution
FWPalolearner
L4 Transporter
In response to reaper

‎01-13-2021 05:54 AM

@reaper Thanks a lot , really appreciate 

0 Likes Likes
  • 1 accepted solution
  • 3305 Views
  • 3 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks