Workflow to Best Incorporate New and Modified App-IDs
Refer to this master workflow to first set
up Application and Threat content updates, and then to best incorporate
new and modified App-IDs into your security policy. Everything you
need to deploy content updates is referenced here.
Align your business needs with an approach to
deploying Application and Threat content updates.
Learn how Applications and Threat Content
Updates work, and identify your organization as either mission-critical or security-first.
Understanding which of these is most important to your business
will help you to decide how to best deploy content updates and apply
best practices to meet your business needs. You might find that
you want to apply a mix of both approaches, perhaps depending on
firewall deployment (data center or perimeter) or office location
(remote or headquarters).
Configure a security policy rule to always allow new
App-IDs that might have network-wide impact, like authentication
or software development applications.
The New App-ID characteristic matches to only the App-IDs
introduced in the latest content release. When used in a security
policy, this gives you a month’s time to fine tune your security
policy based on new App-IDs while ensuring constant availability
for App-IDs that fall into critical categories (Ensure
Critical New App-IDs are Allowed).
Set the schedule to Deploy Application and Threat
Content Updates; this includes the option to delay new App-ID
installation until you’ve had time to make necessary security policy
updates (using the New App-ID Threshold).
Monitor
New App-IDs to get a view into new App-ID activity on your
network, so that you’re best equipped to make the most effective
security policy updates.