Hi,

Continuing from the previous post,

https://r2079.wordpress.com/2015/09/16/quick-series-19-srx-appsecure_suite-apptrack/

the identified facebook traffic needs to be blocked, while traffic for apple and others are still allowed.

Topology

topology_png

APPFW – Application Firewall by the name gives the flexibility to block specific applications. For example over https, we may have gmail and facebook , so we go about blocking 443 it will block all https connections, APP-ID will help us to identify the application traversing and APPFW will help us block the Related Application seamlessly.

1_rules_policies

Let us see this in Log server, Kindly note without session-init here, we would not be seeing any SESSION_DENY logs as per the documentation

2_session_deny_logs

Regards

Rakesh M

Advertisements