shows you the Security policy rules that
match downloaded cloud App-IDs from ACE. Use Policy Optimizer to
manage the newly identified applications and add them to cloned
rules or to existing rules. Select
Policies
Security
and then select
New
App Viewer
in the
Policy Optimizer
portion
of the interface.
The upper portion of the screen is similar to
Objects
Application Filters
.
It works in a similar manner and filters the Security policy rules
shown in the lower portion of the screen. You can filter the rules
that allow applications by category, subcategory, etc. The only
categories and subcategories available for filtering are the ones
that match the new applications on the rules listed in the lower
half of the screen, so you don’t waste your time filtering for applications
that aren’t there.
When you filter the rules, only the rules that include the filtered
applications are shown in the lower portion of the screen. Rules
that have not seen the apps in the filter are removed from the list.
(You can see them all again by removing the filter.)
Click the number in the
Apps Seen
column
to open the
Applications & Usage
dialog
to change the way the firewall handles the cloud-based applications
in Security policy. Add ACE App-IDs to Security policy rules using
an Application Filter, an Application Group, Policy Optimizer, or
by directly adding an ACE App-ID to a rule. Until you take one of
these actions to control cloud-delivered App-IDs, the firewall continues
to treat the traffic as ssl or web-browsing traffic and uses existing
ssl or web-browsing Security policy rules to control the applications.