Unleash Your Potential - Namagunga Girls Coding Club
12 palo alto app-id concept
1. Palo alto App-ID concept ( Applications Control )
1. What’s the Application?
2. App-ID Vs. Port-Base
3. Why Applications control is necessary?
4. App-ID Overview
5. How App-ID identifies applications
6. App-ID Operation
7. App-ID Flow Logic
8. What is Applipedia?
9. What is Application Dependency & Implicit ?
4. Why Applications control is necessary?
1. Identify applications regardless of the port, protocol, decryption, or any other evasive tactic.
2. Integrate with User-ID , by using granular control of applications by specific users, groups.
3. Prevent all unauthorized applications from executing , they may be malicious, untrusted, or simply unwanted.
4. Support all inbound and outbound SSL decryption capabilities.
5. identify and prevent threats and malware in encrypted network streams.
6. Integrate with IPS so that Protect against exploits of unpatched OS and third-party application vulnerabilities.
7. Better Understanding of Data Environments with Application Control
8. Improve your overall network stability.
5. App-ID Overview
Determines what an application is irrespective of
port, protocol, encryption (SSH or SSL) or any
other evasive tactic used by the application
6. How App-ID identifies applications
App ID performs a deep packet inspection (DPI) of traffic on the
network and on every packet in the flow that passes through the
application identification engine until the application is identified.
• Application Signatures
• TLS/SSL and SSH Decryption
• Application Protocol Decoding
• Heuristics or behavioral analysis
• Custom Signatures (Application Override)