: Custom Application and Threat Signatures
Focus
Focus

Custom Application and Threat Signatures

Table of Contents

Custom Application and Threat Signatures

Identify unknown applications and threats, detect and control specific traffic, and prevent network-based attacks with custom signatures.
Our next-generation firewalls allow you to develop custom application and threat signatures for network traffic you want to detect, monitor, and control. You can build these pattern-based signatures using information from packet captures and our available contexts. The firewall stores the custom signatures in a database separate from our predefined App-ID™ or threat signatures, which are updated on a regular basis.
Application signatures identify web-based and client-server applications such as Gmail. You can create custom application signatures for proprietary applications, commercial applications without an App-ID, or traffic you want to identify by a custom name. Threat signatures detect malicious activity and prevent network-based attacks. You can create custom threat signatures to incorporate third-party security advisories and signatures or to identify threat activity such as brute force login attempts. The resulting application and threat visibility allows you to exercise a greater level of control over network traffic and reduces the attack surface of your enterprise.
Weekly content releases periodically include new decoders and contexts from which you can develop signatures.