Context Profiles are used in firewall rules.
There are five attributes for use in context profiles: App ID, Custom URL, Domain (FQDN) Name, URL Category, and URL Reputation. Select App IDs can have one or more sub attributes, such as TLS_Version and CIPHER_SUITE. Both App ID and FQDN can be used in a single context profile. Multiple App IDs can be used in the same profile. One App ID with sub attributes can be used - sub attributes are cleared when multiple App ID attributes are used in a single profile.
Both system defined and user defined Fully Qualified Domain Names (FQDNs) are supported. You can see the list of FQDNs when you add a new context profile of attribute type Domain (FQDN) Name. You can also see a list of FQDNs, and where they are used by navigating to
.Procedure
- Select .
- Select the Context Profile tab and click Add Context Profile.
- Enter a Profile Name, and optional Description.
- In the Attributes column, click Set.
- Click Add Attribute, and select one or more attributes from the drop-down menu: App ID, Custom URL, Domain (FQDN) Name, URL Category, or URL Reputation.
Attribute Procedure App ID - Advanced App IDs found here NSX Application IDs require a custom profile. - Enter the name of the advanced App ID you'd like to use in firewall rules.
- Click Add.
- Click Apply.
Custom URL To create a custom URL:
- Click the three dot menu and select Add Custom URL.
- Enter the URL.
- Click Save.
Domain (FQDN) Name Select a system FQDN by scrolling down the list. To create a user-defined FQDN:
- Click the three dot menu and select Add FQDN.
- Enter the domain name in the form *.[hostname].[domain]. For example, *.abracadabra.com. Do not include http:// or any other header.
- Click Save. The newly created FQDN appears in the attribute value column.
- Search and add additional FQDNs.
- Click Apply.
URL Category - Select one or more URL categories by scrolling down the list.
- Click Add.
- Click Apply.
URL Reputation - Select one or more of the attributes by clicking in the box.
- Click Add.
- Click Apply.
See FQDN Analysis Dashboard for more information about URL reputation.
- (Optional) If you have selected an attribute with sub attributes such as SSL or CIFS, click Set in the Sub Attributes/Values column.
- Click Add Sub Attribute and select TLS_VERSION, TLS_CIPHER_SUITE, or CIFS_SMB_VERSION.
- Select one or more sub attributes.
- Click Add. Another sub attribute can be added by clicking Add Sub Attribute.
- Click Apply.
- (Optional) Enter a tag or scope. See NSX Tags for more information.
- Click Save.
What to do next
Apply this context profile to a layer 7 distributed firewall rule (for layer 7 or domain name), or gateway firewall rule (for layer 7).