Technical Tip: Submit Application for Review and Categorization

emalayan · ‎10-01-2024

Description

This article describes that if the Application Control Definitions are up-to-date on FortiGate and the specific application that is looking for is not in the list of Application Signatures under Security Profiles -> Application Signatures, there is no result for the application when a lookup is processed via https://www.fortiguard.com/services/appcontrol is

For issue in Application Control Signatures not updated automatically see: Technical Tip: Application Control Signatures are not updated automatically
See the following article to manually upgrade Application Control Definitions Manually: Technical Tip: How To Upgrade Application Control Definitions Manually

Scope

FortiGate.

Solution

Submit Application Control Submission form via the following FortiGuard website: https://www.fortiguard.com/faq/appctrlsubmit

2024-09-30 13 23 31.png

After submitting the request, the FortiGuard team will send an email. Note that the FortiGuard team may request packet capture for the application. Before submitting the request, it is advised to do a packet capture for the application by performing the following:

Close application completely. To avoid capturing unnecessary traffic from other applications, please also to close other running applications
Connect to FortiGate CLI and turn on logging in the client (SSH, telnet, putty or console). For putty, the this below KB article: Technical Tip: How to create a log file of a session using PuTTY
Type 'diagnose sniffer packet <interface_name> 'host <device IP address>' 6 0 l'.
Start the application and and perform some basic operations using the application.
After capturing traffic, press ctrl-c to stop the sniffer.

Related document:

Creating IPS and application control signatures

Technical Tip: Submit Application for Review and Categorization

You are leaving our website