Abnormality in pattern matching of APP CONTRL BLAD... - Page 2

Firewall_Head · ‎2025-02-18

Hi Checkmates,

I have a security policy created for communication between a pair of device, I'm using a custom created TCP high port (TCP 30K+) in service and no applications are mentioned inside the rule. But when I'm checking the logs it is matched against an APP named net.TCP.

Can someone shed light on how this is happening, how is traffic matched against an APP which I never specified in the rule.

Thanks in advance!

======

WR,

FH

the_rock

Can you check if app database is updates from smart console?

Andy

Firewall_Head

Looks good.

======

WR,

FH

Firewall_Head

It looks fine Andy.

====

WR,

FH

the_rock

Send me direct message at noon EST (9.30 IST) and I can send you zoom.

Andy

Firewall_Head

Sure Andy, will do.

======

WR,

FH

the_rock

Hey guys,

Tx for the remote. Just to update, below is what I mentioned about adding whatever services needed to customize the category services.

Btw, I will try test smart event shortly for automatic reaction.

Andy

the_rock

Hey bro,

For smart event automatic reaction, for the email alerts, see what I set up in the lab, will see if it actually works, I just used basic gmail, thats it.

Andy

Firewall_Head

Hey Andy, @the_rock

Hope you are doing well!

How were you able to pull off the configuration by using gmail?

Doesn't it need a password for authentication? (APP PASSWORD)

=====

WR,

FH @Chinmaya_Naik

the_rock

Hey man,

So sorry, was preoccupied with AV issue I have going on with a customer, so did not have chance to revisit this. Had to rebuild the smart event, so let me try it again and will update you either tomorrow or next week.

Andy

Firewall_Head

Thanks for the reply man.

We will discuss tomorrow then!

=====

WR,

FH

the_rock

Lets check next week 🙂

Are you a member of CheckMates?

Abnormality in pattern matching of APP CONTRL BLADE