Creating Application Signature Groups
Juniper Networks regularly updates the predefined application signature database, making it available to subscribers on the Juniper Networks website. This package includes signature definitions of known application objects that can be used to identify applications for tracking, firewall policies, quality-of-service prioritization, and Intrusion Prevention System (IPS).
Use the Application Signature page to view application signatures that are already downloaded and to create custom application signature groups. The application signature page displays the name, object type, category and subcategory, risk, and characteristics of the signature. You can create custom application signature groups with a set of similar signatures for consistent reuse when defining policies.
As of Junos OS Release 12.1x47 and later, the nested applications are called applications, with the same details converted as the members of application signature. These application signatures are called ngAppIDs. The Application Signature page shows only the ngAppID2.0 applications and application groups.
Before You Begin
Make sure you have downloaded the application signature database package.
Make sure that the latest updates have been applied.
Review the Application Signature main page for an understanding of your current data set. See Application Signatures Main Page Fields for field descriptions.
Application identification supports custom application signatures to detect applications as they pass through the device. When you configure custom signature groups, make sure that your signature groups are unique.
To configure application signature groups:
- Select Configure > Application Firewall Policy >Signatures.
- Click the + icon.
- Complete the configuration according to the guidelines provided in Table 1.
- Click OK to save.
Table 1: Application Signature Group Settings
Enter a unique name that is a string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed and maximum length is 63 characters.
Click the + icon to add signatures to your application group. On the Add Application Signatures page, select the check boxes next to the signatures you want to add to the group.