
Is the best solution APP ID based or IP/Port based firewall policies?

jaip
Level 1

I am aware that Cisco SDWAN solution also offers security features such as Firewall, IPS, URL Filtering, AMP, DNS security, TLS proxy. 

I believe we can enable the firewall feature alone, or we can use one, two, or all of the other features or functions (for example, IPS and URL filtering) along with the firewall feature.

I would like to know what the recommended solution is for configuring firewall policies in case I want to enable the firewall feature.

I would also like to add a little more information to help you understand my requirement.

1. In NGFWs, as you all know, we are able to configure IP/port based firewall policies and APP ID based firewall policies.

2. In NGFWs (for example, Palo Alto), APP ID based firewall policies are recommended. Also, it is easy to configure as we don't need to know what IP address/port is required.

3. It looks like even in the Cisco SDWAN solution we are able to configure both APP ID based firewall policies and IP/port based firewall policies.

4. Since Cisco SDWAN devices perform multiple functions, I heard there is a possibility that router load may increase and its performance will be reduced if I enable APP ID based firewall policies. Not sure how true it is.

Hence, I am trying to find the best or recommended solution.
