Palo Alto has a function in their firewalls called policy optimizer that can identify applications seen in a port-based access rule and then convert those rules to application based.

I have not seen anything equivalent in FTD, so what’s the best strategy to migrate from port-based to application-based rules?

Here’s a screenshot from my lab Palo Alto firewall, showing the policy optimizer.

/Chess