Managing Layer 7 policy across multiple devices is also easy to perform. To illustrate this, imagine that the Application Category "web gaming" is blocked across all devices within an organization, however there is the need to permit Farmville. Using the Search capability in Application Policy Manager, a simple search on Farmville will demonstrate that it is implicitly blocked due to the Application Category block on "web gaming". To enable Farmville, set the Action to Enable for the Farmville Application type entries listed. Deploying the policies to their respective devices will enable this Application across the network.
Layer 7 policies are managed differently when compared to managing Layer 3 policies. Layer 3 policies are applied explicitly in support of the desired security profile. For example, should a given IP need to be blocked, an explicit rule would be applied to the device to enforce this policy. Application Policies are different in that they are managed both explicitly and implicitly, when developing.
- ► Upload AnyConnect Package
- ► Claim Error
- CDO fails to claim the device. Some of the possible reasons could be that an invalid serial number has been entered or the device serial number has already been claimed.
- ► New Certificate Detected
- Certificate on the device has changed. If the device uses a self-signed certificate, then this could have happened due to the device being power cycled.