Default elements for Network Application elements

There are several predefined elements for working with Network Application elements.

Application Type elements define general categories of network applications. One Application Type element can be associated with each Network Application element. Application Type elements are predefined, and you cannot create Application Type elements.

Tag elements help you to create simpler policies with less effort. Tag elements represent all Network Application elements that are associated with that Tag. For example, the Media Tag includes several web-based image, music, and video applications. Several Tags can be associated with each Network Application element.

TLS Match elements define matching criteria for the use of the TLS protocol in traffic. When a connection that uses the TLS protocol is detected, the server certificate for the connection is compared to the TLS Match in the Network Application definition. TLS connections are allowed only to sites that have trusted certificates that meet the following criteria:
  • The certificate domain name must match the domain name in the TLS Match element.
  • The certificate must be signed by a valid certificate authority.
  • The certificate must be valid (not expired or revoked).
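
The three criteria above, modeled as a decision function over a certificate already parsed into the dict shape that Python's ssl.SSLSocket.getpeercert() returns. This is an added illustration, not the engine's implementation: TRUSTED_ISSUERS, REVOKED_SERIALS, NOW and sample_cert are constructed stand-ins, and the one-label wildcard rule is an assumption, because the page does not say how the name comparison is done.

```python
import ssl

# Constructed stand-ins (assumptions): a real check validates the signature
# chain against a CA store and queries CRL/OCSP for revocation.
TRUSTED_ISSUERS = {"Example Root CA"}
REVOKED_SERIALS = {"0BAD"}
NOW = ssl.cert_time_to_seconds("Jun  1 00:00:00 2024 GMT")  # fixed demo clock

def name_matches(cert_name, match_domain):
    """Exact match, or a certificate wildcard covering one leftmost label."""
    cert_name = cert_name.lower()
    match_domain = match_domain.lower().rstrip(".")
    if cert_name.startswith("*."):
        _, _, parent = match_domain.partition(".")
        return parent != "" and parent == cert_name[2:]
    return cert_name == match_domain

def failed_criteria(cert, match_domain, now=NOW):
    """Return the criteria that `cert` fails; an empty list means allow."""
    failures = []
    names = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if not any(name_matches(n, match_domain) for n in names):
        failures.append("domain name")
    issuer_cn = dict(rdn[0] for rdn in cert["issuer"]).get("commonName")
    if issuer_cn not in TRUSTED_ISSUERS:
        failures.append("certificate authority")
    in_window = (ssl.cert_time_to_seconds(cert["notBefore"]) <= now
                 <= ssl.cert_time_to_seconds(cert["notAfter"]))
    if not in_window or cert["serialNumber"] in REVOKED_SERIALS:
        failures.append("validity")
    return failures

def sample_cert(name, issuer="Example Root CA",
                not_after="Jan  1 00:00:00 2025 GMT", serial="01"):
    """Constructed certificate in the dict shape getpeercert() returns."""
    return {"subjectAltName": (("DNS", name),),
            "issuer": ((("commonName", issuer),),),
            "notBefore": "Jan  1 00:00:00 2024 GMT",
            "notAfter": not_after, "serialNumber": serial}

if __name__ == "__main__":
    cases = {
        "exact name": sample_cert("www.example.com"),
        "wildcard": sample_cert("*.example.com"),
        "untrusted issuer": sample_cert("www.example.com", issuer="Unknown CA"),
        "expired": sample_cert("www.example.com", not_after="Mar  1 00:00:00 2024 GMT"),
        "revoked": sample_cert("www.example.com", serial="0BAD"),
    }
    for label, cert in cases.items():
        print(label, failed_criteria(cert, "www.example.com") or "allow")
```

A connection is allowed only when the returned list is empty; any single failed criterion is enough to reject it.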

The predefined elements are imported and updated from dynamic update packages. This means that the set of elements available changes whenever you update your system with new definitions. The Release Notes of each dynamic update package list the new elements that the update introduces.

Network Application Properties dialog box

Use this dialog box to view the properties of Network Application elements.

CAUTION: Do not create Network Application elements. Use the predefined Network Application elements instead.

General tab

| Option | Definition |
|---|---|
| Name | Specifies a unique name for the Network Application element. |
| Comment | Adds a comment to the Network Application element. |
| Application Type | Shows the selected network application type. |
| Select | This option is disabled. |
| Parent Application | Shows the selected parent network application. |
| Select | This option is disabled. |
| Description | Shows a more detailed description of the network application. |
| Supported Engine Versions | Specifies the supported engine versions for the Network Application element. |
| Standard ports, unless otherwise specified in 'Service (Port)' field | |
| Protocol | Shows the protocol for the default port. |
| From | Shows the start of the port range. |
| To | Shows the end of the port range. |
| TLS | Shows whether TLS is required, allowed, or forbidden. |
| Add Port | This option is disabled. |
| Remove Port | This option is disabled. |
| Protocol | Shows the Protocol Agent element associated with the Network Application element. |
| Select | This option is disabled. |
| TLS Match | Shows the TLS Match element associated with the Network Application element. |
| Select | This option is disabled. |
| Application Identifiable by TLS Match Alone | Shows whether the network application can be identified without decrypting the traffic. |

| Option | Definition |
|---|---|
| Protocol Parameters tab | This tab is disabled. |

Tags tab

| Option | Definition |
|---|---|
| Name | Shows the name of the tag. |
| Comment | Shows the comment associated with the selected tag. |
| Type | Shows the tag type. |
| Add Tags | This option is disabled. |

Application Type Properties dialog box

Use this dialog box to view the properties of an Application Type element. You cannot edit Application Type elements.

| Option | Definition |
|---|---|
| Name | Shows the name of the element. |
| Comment | Shows a description of the element. |
| Save | Not available in this dialog box. |

Application Usage Tag Properties dialog box

Use this dialog box to view the properties of an Application Usage Tag element. You cannot edit Application Usage Tag elements.

| Option | Definition |
|---|---|
| Name | Shows the name of the element. |
| Comment | Shows a description of the element. |
| Save | Not available in this dialog box. |