Hi,

In my previous post i have covered installation of app-secure applications and license. This post would cover APP_TRACK , the tracker !

For installation of APP-SECURE ON VSRX, Follow the below URL

https://r2079.wordpress.com/2015/09/16/appsecure-suite-installing-license-evaluation-version-on-vsrx-firefly/

What is APP_TRACK – By the name itself, it is used to track Applications within the security-zones or type of application traffic traversing through SRX

So By know which sort of traffic is traversing the system, we can analyze and block if not necessary

Topology

topology_png

I have a syslog server running on Raspberry_Pi and Apple Ipad Trying to gain connectivity to internet.

First lets see, without any application-tracking, how does the syslog messages look like

1_without_any_appsecure

Let us enable APP-Track for security-zone internet. Please do remember, you have enable first-update as well if you need to see SESSION_INIT message, without this , you can only see SESSION_CLOSE messages only

2_enabling_track

Out of many types of traffic, let us see if we have any hits for Facebook and Apple.

3_matching_facebookandapple

Finally counter on APP-TRACK Stats

3.5_counters

Now, that we know what sort-of traffic is going through the firewall, we will block it in next-post via APP-TRACK Firewall

Regards

Rakesh M

Advertisements