So, if you guys have viewed or read my “Where Fortinet is Messing Up” page….you know that I much prefer the way Palo Alto Networks does app assignment on policies.
5.6 Beta 2 is flipping that on it’s head though as it seems to be more aligned. The ability to select the policy and the web category from the policy is going to make policy creation significantly more granular and simple / straight forward.
Normally, the way things like this work is you can select the app and it allows the app over any service or port. Or you can pick the app as WELL as the services and ports and it will only allow that app on that port for that policy. This is really going to change the way people do their policies on FortiGate’s. Palo has been like this for a while and I swear I have been submitting weekly feature requests for the past 3 years to get this type of stuff through!
So if you pick an Application it automagically allows all ports and services associated with that app also?
Normally, the way things like this work is you can select the app and it allows the app over any service or port. Or you can pick the app as WELL as the services and ports and it will only allow that app on that port for that policy. This is really going to change the way people do their policies on FortiGate’s. Palo has been like this for a while and I swear I have been submitting weekly feature requests for the past 3 years to get this type of stuff through!