It would be great to have the selection of layer 7 rules updated, for example, under "Databases &Cloud Services" we only can choose from AWS, Azure, IBM, and SAP.
It would be great to be able to choose from some of the more well known bad actor cloud platforms that are marketed as "Bullet proof" hosts and block their entire ranges instead of needed to hunt and peck for subnet ranges to add to layer 3 rules.
Solved! Go to Solution.
MX16 uses NBAR for app classification and there are quite a few more canned apps listed
If you have specific instances of cloud providers and their ranges that you would like to get classified I'd recommend logging a "make a wish" feature in the dashboard.
In regards to blocking ranges outside of the NBAR classifications have you maybe thought about using the Geolocation (Countries) option of layer7 rules for blocking suspect countries where these cloud providers operate?
What MX firmware are you on? I think there are significant improvements in 16 vs 15.
MX16 uses NBAR for app classification and there are quite a few more canned apps listed
We are on MX15, I see that MX 16 is currently on a release candidate, we will need to wait for it to be an official release before moving to this build. We are already implementing geo-blocking, however, the providers that we are having issues with are us based