Configuring APPID Support for Heuristics
Heuristics methodology provides a mechanism for identifying encrypted data packets in point-to-point applications. These packets are not normally detected by the existing application signatures.
To enable APPID to employ heuristics in traffic identification:
Include the
enable-heuristics statement:[edit services application-identification] user@host# set enable-heuristics
The show services application-identification counter operational command includes additional output fields that report
the number of encrypted sessions.
Note:
When you enable heuristics, performance and scaling values might be negatively affected. This mechanism assists the APPID module in identifying encrypted traffic, but only if the identifications are supported by the current signature package.