The Policy Optimizer New App Viewer shows you the Security policy rules that match downloaded cloud App-IDs from ACE. Use Policy Optimizer to manage the newly identified applications and add them to cloned rules or to existing rules. Select PoliciesSecurity and then select New App Viewer in the Policy Optimizer portion of the interface.

The upper portion of the screen is similar to ObjectsApplication Filters. It works in a similar manner and filters the Security policy rules shown in the lower portion of the screen. You can filter the rules that allow applications by category, subcategory, etc. The only categories and subcategories available for filtering are the ones that match the new applications on the rules listed in the lower half of the screen, so you don’t waste your time filtering for applications that aren’t there.

When you filter the rules, only the rules that include the filtered applications are shown in the lower portion of the screen. Rules that have not seen the apps in the filter are removed from the list. (You can see them all again by removing the filter.)

Click the number in the Apps Seen column to open the Applications & Usage dialog to change the way the firewall handles the cloud-based applications in Security policy. Add ACE App-IDs to Security policy rules using an Application Filter, an Application Group, Policy Optimizer, or by directly adding an ACE App-ID to a rule. Until you take one of these actions to control cloud-delivered App-IDs, the firewall continues to treat the traffic as ssl or web-browsing traffic and uses existing ssl or web-browsing Security policy rules to control the applications.