Understanding Junos OS Application Identification Services

Juniper Networks provides predefined application signatures that detect Transmission Control Protocol (TCP) and User Datagram Protocol (UDP) applications running on nonstandard ports. You can also create custom application and nested application definitions to identify applications that are not part of the predefined database. Identifying these applications allows Intrusion Detection and Prevention (IDP) to apply appropriate attack objects to applications running on nonstandard ports. It also improves performance by narrowing the scope of attack signatures for applications without decoders. The information collected by application identification can also be used by AppTrack to create detailed reports on the applications passing through the device.

The application definitions identify an application by matching patterns in the first few packets of a session. The application identification module matches patterns for both client-to-server and server-to-client sessions.

Application identification is enabled by default and is automatically turned on when you configure the default application in an IDP or an AppTrack policy. However, when you specify an application in the policy rule, application identification is disabled and attack objects are applied based on the specified application. The application specified in the rule overrides the automatic identification process. For instructions on specifying applications in policy rules, see Example: Configuring IDP Applications and Services.
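The following added example is a simplified model, not Juniper code. It shows the behavior described above: patterns are matched in both directions over the first few packets of a session, independent of port, and a rule that names an application bypasses identification. The signatures, attack-group names, packet limit, and sample session are constructed assumptions, and the model assumes a match is required in both directions.

```python
import re

# Constructed signatures for illustration (not Juniper's): one pattern per
# direction, applied to the payload of the first few packets of a session.
SIGNATURES = {
    "HTTP": {"c2s": re.compile(rb"^(GET|POST|HEAD|PUT) \S+ HTTP/1\.[01]\r\n"),
             "s2c": re.compile(rb"^HTTP/1\.[01] \d{3} ")},
    "SSH": {"c2s": re.compile(rb"^SSH-2\.0-\S+"),
            "s2c": re.compile(rb"^SSH-2\.0-\S+")},
}
ATTACK_GROUPS = {"HTTP": "http-attacks", "SSH": "ssh-attacks"}  # hypothetical names
WELL_KNOWN_PORTS = {80: "HTTP", 22: "SSH"}
MAX_PACKETS = 4  # assumed value for "the first few packets"


def identify(packets):
    """packets: list of (direction, payload); direction is 'c2s' or 's2c'.
    Returns the application matched in both directions, else None."""
    seen = {app: set() for app in SIGNATURES}
    for direction, payload in packets[:MAX_PACKETS]:
        for app, patterns in SIGNATURES.items():
            if patterns[direction].search(payload):
                seen[app].add(direction)
    for app, directions in seen.items():
        if directions == {"c2s", "s2c"}:
            return app
    return None


def select_attack_group(packets, rule_application="default"):
    """'default' lets identification choose; a named application bypasses it."""
    if rule_application != "default":
        return ATTACK_GROUPS.get(rule_application)
    return ATTACK_GROUPS.get(identify(packets))


# Constructed session: HTTP served on nonstandard port 8022.
HTTP_ON_8022 = [
    ("c2s", b"GET /index.html HTTP/1.1\r\nHost: example.test\r\n\r\n"),
    ("s2c", b"HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n"),
]

if __name__ == "__main__":
    print("port lookup:", WELL_KNOWN_PORTS.get(8022))  # port alone gives no answer
    print("identified:", identify(HTTP_ON_8022))
    print("default rule:", select_attack_group(HTTP_ON_8022))
    print("rule names SSH:", select_attack_group(HTTP_ON_8022, "SSH"))
```

The last call shows the consequence of naming an application in the rule: the HTTP session on port 8022 is paired with the SSH group because identification is bypassed.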

For information on IDP application identification, see Understanding IDP Application Identification.

For information on AppTrack, see Understanding AppTrack.

Note: The Junos OS application identification application signature package update is a separately licensed subscription service. You must install the application identification application signature update license key on your device to download and install the signature database updates provided by Juniper Networks. When your license key expires, you can continue to use the locally stored application package contents. For license details, see the Junos OS Administration Guide for Security Devices.
