What is an Application Override?
Application Override is where the Palo Alto Networks firewall is configured to override the normal Application Identification (App-ID) of specific traffic passing through the firewall. As soon as the Application Override policy takes effect, all further App-ID inspection of the traffic is stopped and the session is identified with the custom application.
To configure an Application Override, go to Policies > Application Override in the WebGUI. For setup, you'll need the following:
- Custom Application to be used in the Application Override policy (recommended)
- Application Override policy
- Security Policy that allows the newly created Custom Application through the firewall
Example.
ldaps is on TCP / 636, Palo NGFW doesn't recognized this app.
1. Create a custom app called AO-ldaps on TCP/636.
2. Create an Application Override policy to define the specific traffic to be identified as AO-ldaps.
3. Use AO-ldaps in Security Policy
Comments
Post a Comment