Understanding Custom Policy Applications

If you do not want to use predefined applications in your policy, you can easily create custom applications.

You can assign each custom application the following attributes:

• Name
• Transport protocol
• Source and destination port numbers for applications using TCP or UDP
• Type and code values for applications using ICMP
• Timeout value

This topic covers:

• Custom Application Mappings
• Related Topics

Custom Application Mappings

The application option specifies the Layer 7 application that maps to the Layer 4 application that you reference in a policy. A predefined application already has a mapping to a Layer 7 application. However, for custom applications, you must link the application to an application explicitly, especially if you want the policy to apply an Application Layer Gateway (ALG) or deep inspection to the custom application.

Note: JUNOS Software supports ALGs for numerous applications, including DNS, FTP, H.323, HTTP, RSH, SIP, Telnet, and TFTP.

Applying an ALG to a custom application involves the following two steps:

• Define a custom application with a name, timeout value, transport protocol, and source and destination ports.
• When configuring a policy, reference that application and the application type for the ALG that you want to apply.

Related Topics

• Example: Adding a Custom Policy Application
• Example: Modifying a Custom Policy Application
• Example: Defining a Custom Internet Control Message Protocol Application