Your App-ID looks good except for a few things. Your pattern is really close but should be "MSIE 7\.0". With no other changes, this should start identifying traffic from IE7 (or at least traffic that claims to be IE7). Once you get the signature working, you will likely run into another issue. It looks like you did not check the "Continue scanning for other applications" checkbox. This is fine if your intent is to block IE7, but if you want to allow IE7, this will turn all browsing traffic into IE7 for those users. This means you will not see what other web-based applications they are running. If you are just interested in knowing who is running IE7, then you could check that box and then the system would continue scanning for other applications. With this approach, only the traffic that is generic web-browsing would get classified as IE7 since no other more specific app would be found. YouTube would continue to show up as YouTube and Facebook would continue to show up as Facebook. However, if you did an ACC filter on IE7, you will be nearly guaranteed to have a least one session from each IE7 user that was generic web-browsing (now showing up as IE7), allowing you to know who is running it without losing visibility into more detail app info. Let us know if this works. Mike
... View more