Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Global Settings

You are here: Security Policies & Objects > Dynamic Applications.

To add global settings:

  1. Click the Global Settings on the upper right side of the Application Signatures page.

    The Global Settings page appears.

  2. Complete the configuration according to the guidelines provided in Table 1.
  3. Click OK to save the changes. If you want to discard your changes, click Cancel.
Table 1: Fields on the Global Settings Option Page

Field

Action

General

Custom Application Byte Limit

Select the byte limit in the range 0 through 10000. This helps in understanding when to stop the identification of custom applications.

Micro Applications

Enable micro-application detection in application identification and then use them as matching criteria in a security policy.

Application System Cache

Enable or disable storing of AI result in application cache, configure ASC security services, configure miscellaneous services such as ABPR, or set the cache entry timeout.

Application Cache

Enable this option to save the mapping between an application type and the corresponding destination IP address, destination port, protocol type, and service.

Security Services

Enable this option for security services, such as security policies, application firewall (AppFW), Juniper ATP Cloud, IDP, and UTM

Miscellaneous Services

Enable this option for miscellaneous services, such as APBR and AppTrack.

Cache entry timeout

Enter the timeout value in seconds for the application system cache (ASC) entries.

Range: 0 through 1000000 seconds. Default is 3600 seconds.

Packet Capture

Global packet capture

Enable packet capture globally to capture all unknown application traffic.

You can also enable this option specific to a security policy at the rule level. For more information, see Add a Rule.

Aggressive mode

Enable to capture all traffic before AppID classifies the applications. In this mode, the system captures all application traffic regardless of the application system cache (ASC) entry. Packet capture starts for the first packet of the first session.

Exclude inconclusive traffic

Disable packet capture of inconclusive traffic. This option is available when you enable the Aggressive mode option.

This option disables the packet capture for the following sessions:

  • Sessions closed before the application identification or classification completes.

  • Sessions not classified even though they reach the maximum packet capture limit.

If you do not configure this option, by default, the system captures packets for inconclusive sessions.

Advanced

Maximum packets

Maximum number of UDP packets per session.

Range: 1 through 1000. Default is 10 packets.

Maximum bytes

Maximum number of TCP bytes per session. For TCP sessions, the count includes the actual payload data length and excludes IP/TCP headers for the maximum bytes limit.

Range: 40 through 1,073,741,824. Default is 6000 bytes.

Maximum files

Maximum number of unique packet capture files to create before the oldest file is overwritten by a new file created.

Range: 1 through 2500. Default is 100.

Maximum storage

Maximum disk space (bytes) that can be used in the Routing Engine for packet capture files.

Range: 1 through 4096 MB. Default is 50 MB.

Maximum memory

Maximum memory limit for deep packet inspection (DPI).

Range: 1 KB through maximum bytes (depending on the available space on the device).

Packet capture interval

Timeout value in minutes to avoid repetitive capture of same traffic. After this interval, the system continues to capture newer packet details for unknown applications until the capture limit is reached.

Range: 1 through 525,600 minutes. Default is 1440 minutes (24 hours).

Repeat traffic capture

Number of repetitive captures of same traffic. Use this option to limit the number of times the same traffic can be repeatedly captured before the cache entry times out.

Range: 1 through 1000. Default is 5.