Add Application Signatures
You are here: Security Policies & Objects > Dynamic Applications.
To add an application signature:
Field |
Action |
---|---|
Name |
Enter the application signature name. |
Description |
Enter the application signature description. |
Order |
Enter the order of the custom application. Lower order has higher priority. The range is 1 through 50,000. |
Priority |
Enter the priority over other signature applications. Select an option from the list:
Starting in Junos OS Release 20.2R1, by default, the priority for the custom application is set to Low. This allows a predefined application to take precedence. If you want to override a predefined application, you must set the priority to High. |
Risk |
Enter the risk as critical, high, moderate, low, or unsafe. |
Application Identification match criteria |
Select one or more options from the list:
|
ICMP Mapping |
Select a value from the list.
|
IP Protocol Mapping |
Select the numeric value of an ICMP type. The type identifies the ICMP message, such as Unassigned or Destination Unreachable. The range is from 0 through 254. |
Address Mapping |
To add a new address mapping:
|
L7 Signature | |
Cacheable |
Set this option to True only when L7 signatures are configured in a custom signature. This option is not supported for address-based, IP protocol-based, and ICMP-based custom application signatures. |
Add L7 Signature |
Click Add L7 Signature list and select an option from the following:
The Add Signature page appears. |
Add Signature | |
Over Protocol |
Displays the signature that matches the application protocol. Example: HTTP |
Signature Name |
Enter a unique name that is a string of alphanumeric characters, colons, periods, dashes, and underscores. No spaces are allowed and the maximum length is 63 characters. |
Port Range |
Enter the port range for the application. Range is 0-65535. |
Add Members Custom signatures can contain multiple members that define attributes of an application. The supported member name range is m01 through m15. |
|
+ |
Click + to create a member. |
Context (Over HTTP) |
Select the service-specific context from the following list:
|
Context (Over SSL) |
Select the service-specific context as ssl-server-name. |
Context (Over TCP) |
Select the service-specific context as stream. |
Context (Over UDP) |
Select the service-specific context as stream. |
Direction |
Select the direction of the packet flow to match the signature:
|
Depth |
Enter the maximum number of bytes to check for context match. Use the byte limit for AppID to identify custom application pattern for applications running over TCP or UDP or Layer 7 applications. Range is 1 through 8000. The Depth is set to 1000 by default, if not explicitly configured. Note:
Starting in Junos OS Release 20.2R1, Depth option is supported. |
Pattern |
Enter the deterministic finite automaton (DFA) pattern matched the context. The DFA pattern specifies the pattern to be matched for the signature. The maximum length is 128. |