Let's look at a typical scenario where you might use an Application Override policy. In such cases, we recommended creating an application override to allow easier identification and reporting, and to prevent confusion. For these applications, we may not have signatures to properly identify the expected behavior and identify the traffic with a known application.
In some cases, customers build their own custom applications to address specific needs unique to the company.
You might ask why we'd ever need to override the normal application identification process. Please note that this is different from a traditional "Custom Application" as a Custom Application normally uses a signature and any traffic passing through the firewall would be identified as such, and not need an Application Override. As soon as the Application Override policy takes effect, all further App-ID inspection of the traffic is stopped and the session is identified with the custom application.
IEEE 802.1Q, IEEE 802.3ad (LACP), IEEE 802.Application Override is where the Palo Alto Networks firewall is configured to override the normal Application Identification (App-ID) of specific traffic passing through the firewall. Maximum number of sessions: 32000000 ¦ New sessions per second: 458000 ¦ Virtual systems: 25ĭHCP support, NAT support, LDAP support, VLAN support, Syslog support, DoS attack prevention, content filtering, DiffServ support, manageable, IPv6 support, antivirus analysis, High Availability, DDos attack prevention, anti-malware protection, Quality of Service (QoS), DHCP server, IPv4 support, anti-spyware protection, web threat protection RIP, BGP, IGMPv2, IGMP, OSPFv2, PIM-SM, static IP routing, IGMPv3, OSPFv3, PIM-SSM, policy-based routing (PBR), Bidirectional Forwarding Detection (BFD)įirewall throughput: 72.2 Gbps ¦ VPN throughput (IPSec): 21 Gbps ¦ Threat prevention throughput: 30 Gbps Ethernet, Fast Ethernet, Gigabit Ethernet, 10 Gigabit Ethernet, 40 Gigabit Ethernet, 100 Gigabit Ethernet
0 kommentar(er)
