Context profiles enable creating attributes key value pairs such as layer 7 App Id, and Domain Names. After a context profile has been defined, it can be used in one or more distributed firewall rules and gateway firewall rules.
There are two attributes for use in context profiles: App Id and Domain (FQDN) Name. Select App Ids can have one or more sub attributes, such the TLS_Version and CIPHER_SUITE. Both App Id and domain name can be used in a single context profile. Multiple App Ids can be used in the same profile. One App Id with sub attributes can be used - sub attributes are cleared when multiple App Id attributes are used in a single profile.
Currently, a predefined list of domains is supported. You can see the list of FQDNs when you add a new context profile of attribute type Domain (FQDN) Name. You can also see a list of FQDNs by running the API call /policy/api/v1/infra/context-profiles/attributes?attribute_key=DOMAIN_NAME
.
Procedure
- Select .
- Click Add New Context Profile.
- Enter a Profile Name.
- In the Attributes column, click Set.
- Select an attribute, or click Add Attribute, and select App Id, URL Category, or Domain (FQDN) Name.
- Select one or more attributes.
- (Optional) If you have selected an attribute with sub attributes such as SSL or CIFS, click Set in the Sub Attributes/Values column.
- Click Add Sub Attribute and select a sub attribute category from the drop-down menu.
- Select one or more sub attributes.
- Click Add. Another sub attribute can be added by clicking Add Sub Attribute.
- Click Apply.
- Click Add.
- (Optional) To add another type of attribute, click Add Attribute again.
- Click Apply.
- (Optional) Enter a description.
- (Optional) Enter a tag.
- Click Save.
What to do next
Apply this context profile to a layer 7 distributed firewall rule (for layer 7 or Domain name) or gateway firewall rule (for layer 7).