Application Identification (AppID)
-
Subject Alternative Name in custom application signatures (SRX Series Firewalls, vSRX3.0)—Starting in Junos OS Release 23.4R1, you can create an application identification (AppID) custom signature using the Subject Alternative (SAN) certificate attribute for SSL signatures. You can use the SAN attribute to specify multiple host names or IP addresses in a single certificate. With this enhancement, custom application signatures can detect applications based on the application’s host names listed in the SAN field of the SSL certificate.
You can configure SAN using the
ssl-subject-alt-name
option under [edit services application-identification application name over SSL signature name member name context
] hierarchy. - Micro-applications enhancements (SRX Series Firewalls and
vSRX)—Starting in Junos OS Release
23.4R1,
we’ve enhanced the detection of micro-applications. Application identification (AppID) now
uses string-based attributes of the application for matching
micro-applications
in addition to using the integer-based attributes of application.
You can now manage applications with a finer level of control at the sub-function level.
See [Application Identification Support for Micro-Applications].