4.2 Well-Known Applications

Printer Friendly Page

4.2 Well-Known Applications

 

This activity results in conversion of a port based policy to an application based policy to shrink the clients attack surface. Tasks include:

  • Validate dynamic updates settings which is key for future App-ID content
  • Plan for interactions with SSL Decryption
  • Create a plan for how long to keep legacy rules
  • Determine Log retention
  • Identify Inbound rules from Internet and conduct App-ID Migration by hand
  • Clone rules and add application information
  • Verify at least 80% of perimeter security rules specify application
  • Determine if service can be changed to application-default or kept to the same service when cloning rules
  • Verify legacy rules are no longer being hit
  • Remove legacy rules
  • Isolate unknown tcp/udp applications for later analysis
  • Explain ongoing Security Policy implementation based on App-ID

 

Deliverables: 

  • App-ID conversion Addendum to As-Built   document
  • Completed AppID Implementation checklist

 

Consultant Collateral: 

  • App-ID Migration Best Practices
  • App-ID Checklist
Ask Questions Get Answers Join the Live Community
Version history
Revision #:
3 of 3
Last update:
‎07-02-2020 11:21 AM
Updated by:
 
Labels
Contributors