Unsupported Layer 7 Application ID's vDefend Firewall 9.1 onward
Article ID: 410572
Updated On:
Products
VMware vDefend Firewall
VMware vDefend Firewall with Advanced Threat Prevention
Issue/Introduction
Few Layer 7 Application ID's are not supported in the vDefend Firewall 9.1
Environment
VMware vDefend Firewall 9.1.x
VMware vDefend Firewall with ATP 9.1.x
Cause
With version 9.1, support is being expanded from 800+ App IDs to 5,000+ App IDs in Context Profiles. As part of this enhancement, small set of existing App IDs will be not supported starting from version 9.1. User will not be able to create a context profile with an unsupported APPID.
Resolution
| APP | Comments |
| ADPGLBVW ADPRESRC ADPTTSRC ADPVNTAG ADPWRKFC ADPSTRML | Unsupported - The variants of ADP are supported by the new application ID ADP |
AMAZONUB AMAZONIV | Amazon Unbox player was deprecated by amazon. Amazon now uses amazon_video protocol |
| BINGMAPS | Unsupported |
| DENA | Unsupported |
| FPROT | Unsupported |
| HTTPAUDO | Will be supported in an upcoming release |
- If an unsupported APPID in configured in the ruleset, warning will be thrown to indicate that it will no longer function as expected.
- If the application is still present in the deployment, a Layer 4 rule can be created to process the application traffic.
- During pre-upgrade checks, a warning message may appear for the system-created Context Profile “FPROT”, as it contains the “FPROT” App ID, which is now unsupported.
No action is required other than acknowledging the warning message. - Post the upgrade (after upgrade finalized), the unsupported APPID needs to be removed from the profile before consuming profile in rule and publishing policy.
Feedback
Yes
No
Powered by
