Unified policies are security policies that enable you to use the dynamic applications as match conditions along with the existing 5-tuple or 6-tuple (with user firewall) match conditions to detect application changes over time
>> Go to Configuration
Many dynamic applications use HTTP static ports to tunnel non-HTTP traffic through the network
The 5-tuple includes the source, destination IP address, source, destination port, and protocol.
Layer 3 Hearder / IP | Layer 4 Header / TCP/UDP | ||||
Src | Dst | Protocol | Src | Dst | |
---|---|---|---|---|---|
HTTP | IP@1 | IP@2 | 6 (tcp) | x | 80 ( HTTP ) |
1- Step1: 5-tuple > define the app id ( or session )
2- Step2: application layer: for HTTP: GET ( Client to Server ) then server TCP traffic ( with Src/Dst port)
3- Step3:
4- Step4: