topic Re: source base Application filtring in FMC in Network Security

source base Application filtring in FMC

rushispace — Fri, 15 Nov 2024 11:07:11 GMT

as i know in fmc-ftd application control or filtering in policy is work for user --> application however does it work for server<---application. in short my source will be xyz public application and destination is my private server in this scenario fqdn and normal network or ip base policy will be work however does application based policy will be also work ?

Re: source base Application filtring in FMC

MHM Cisco World — Fri, 15 Nov 2024 11:11:13 GMT

App based on TCP and in any TCP there is client and server.

here clinet is ServerA which open TCP session with ServerB as server and hence you can use FMC URL Filter and App ID

MHM

Re: source base Application filtring in FMC

rushispace — Fri, 15 Nov 2024 11:30:15 GMT

hey buddy i am not talking about url filtering i am talking about application please look at the screen shot below.

Re: source base Application filtring in FMC

ckleopa — Fri, 15 Nov 2024 12:22:27 GMT

Yes if your source application is one of the apps listed in the Application tab in the AC Rules page, it should work also. As long as the FMC/FTD can clearly see the FQDN/Signatures regardless of client/server it should be to handle these accordingly.

Re: source base Application filtring in FMC

Aref Alsouqi — Wed, 27 Nov 2024 09:36:12 GMT

The apps are inspected based on the payload not on source or destination IPs.