Workflow to Best Incorporate New and Modified App-IDs
Refer to this master workflow to first set
up Application and Threat content updates, and then to best incorporate
new and modified App-IDs into your security policy. Everything you
need to deploy content updates is referenced here.
Align your business needs with an approach to
deploying Application and Threat content updates.
Learn how Applications
and Threat Content Updates work, and identify your organization
as either mission-critical or security-first. Understanding
which of these is most important to your business will help you
to decide how to best deploy content updates and apply best practices
to meet your business needs. You might find that you want to apply
a mix of both approaches, perhaps depending on firewall deployment
(data center or perimeter) or office location (remote or headquarters).
Configure a security policy rule to always allow new
App-IDs that might have network-wide impact, like authentication
or software development applications.
The New App-ID characteristic matches to only the App-IDs
introduced in the latest content release. When used in a security
policy, this gives you a month’s time to fine tune your security
policy based on new App-IDs while ensuring constant availability
for App-IDs that fall into critical categories (Ensure
Critical New App-IDs are Allowed).
Set the schedule to Deploy
Application and Threat Content Updates; this includes the
option to delay new App-ID installation until you’ve had time to
make necessary security policy updates (using the New
App-ID Threshold).
Monitor
New App-IDs to get a view into new App-ID activity on your
network, so that you’re best equipped to make the most effective
security policy updates.