Understanding IDP Application System Cache Information for Nested Application Identification

Nested application identification information is saved in the application system cache to improve performance. This cache is updated when a different application is identified. The only circumstances in which nested application information is not cached are the following:

• The application system cache is turned off for nested application identification.
• The matched application signatures have only client-to-server members.
• There is no valid server-to-client response seen for a transaction. This is done to prevent an attacker from sending invalid client-to-server requests to poison the application system cache.

Related Topics

• Junos OS Feature Support Reference for SRX Series and J Series Devices
• Understanding IDP Application Identification
• Understanding Junos OS Application Identification for Nested Applications
• Understanding the Application System Cache
• Deactivating IDP Application System Cache Information for Nested Application Identification (CLI Procedure)