Understanding IDP Application Identification for Nested Applications

With the greater use of application protocol encapsulation, the need arises to support the identification of multiple different applications running on the same Layer 7 protocols. For example, applications such as Facebook and Yahoo Messenger can both run over HTTP, but there is a need to identify them as two different applications running on the same Layer 7 protocol. In order to do this, the current application identification layer is split into two layers: Layer 7 applications and Layer 7 protocols.

Included predefined application signatures have been created to detect the Layer 7 applications whereas the existing Layer 7 protocol signatures still function in the same manner. These predefined application signatures can be used in attack objects.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• Understanding IDP Application Identification
• Activating IDP Application Identification for Nested Applications (CLI Procedure)
• Example: Adding IDP Application Information to Attack Logging for Nested Applications (CLI)