Traffic field parameters
Enable / disable multiple traffic rows in change requests
| Configuration Parameter Name | Value |
|---|---|
| EnableMultipleTraffic |
0. To disable multiple traffic rows. 1. To enable multiple traffic rows. (Default) |
Determine whether traffic fields are mandatory
By default, the source, destination, service, and action fields are mandatory for traffic change requests, and FireFlow automatically validates these fields to ensure they are filled in. If desired, you can specify that traffic fields are optional.
Note: You can also disable automatic traffic field validation for the value of traffic fields. See Enabling/Disabling Traffic Field Validation (see Enable / disable traffic field validation).
| Configuration Parameter Name | Value |
|---|---|
| AllTrafficFieldsMandatory |
0. To specify that traffic fields are optional. 1. To specify that traffic fields are mandatory. (Default) |
Enable / disable traffic field validation
By default, FireFlow automatically validates traffic fields in change requests, to determine whether all mandatory fields are filled in with appropriate values. If desired, you can disable validation of traffic fields.
| Configuration Parameter Name | Value |
|---|---|
| ValidateTrafficFields |
0. To disable traffic field validation. 1. To enable traffic field validation. (Default) |
Enable / disable application or service translation for Palo Alto devices
When a change request is submitted for a Palo Alto device, the requestor may define the traffic using a service, even when it would be better to define the traffic with an application.
If desired, you can enable automatic translation of services to their relevant applications. After initial planning, the sub-requests will be created with the service "application-default" and the relevant application. Services will only be translated into an application if they match an application's default service exactly and uniquely.
Note: AppViz users should not enable this configuration option as it will cause flows to fail validation.
Note: This configuration option is only relevant when application awareness is enabled. See Enabling/Disabling User and Network Application Awareness (see Enable / disable user and network application awareness).
Note: The maximum number of services translated per traffic line is three. If more than three services appear in a single traffic line, the services in that line will not be translated into applications.
| Configuration Parameter Name | Value |
|---|---|
| PanoramaServicesTranslation |
0. To disable application/service translation. (Default) 1. To enable application/service translation. |
Enable / disable user and network application awareness
ASMS supports the User traffic field for Check Point devices and the User and Application traffic fields for Palo Alto devices. Network application awareness parameters must be manually enabled.
Awareness means that these fields will appear wherever traffic fields appear and will be considered in all traffic simulation queries such as initial planing, risk checks, and connectivity checks.
If desired, you can manually enable or disable user and network application awareness in FireFlow and AppViz.
Note: After changing either of these parameters, you must restart AppViz in addition to restarting FireFlow.
Note: Disabling this support discards all user and/or network application data in FireFlow and AppViz.
| Configuration Parameter Name | Value |
|---|---|
| ShowApplicationFieldInCreateForm |
0. To disable network application awareness in FireFlow and AppViz. (default) 1. To enable network application awareness in FireFlow and AppViz. |
| ShowUserFieldInCreateForm |
0. To disable user awareness in in FireFlow and AppViz. (default) 1. To enable user awareness in in FireFlow and AppViz. |
Enable / disable inclusion of user-defined custom traffic fields in flat tickets
By default, FireFlow automatically includes all user-defined custom traffic fields (traffic fields, source fields, user fields, destination fields, service fields, and application fields) in the XML of a change request (a flat ticket). If desired, you can disable inclusion of such fields in flat tickets.
| Configuration Parameter Name | Value |
|---|---|
| IncludeUserDefinedTrafficCustomFieldsInXML |
0. To disable inclusion of user-defined custom traffic fields in flat tickets. 1. To enable inclusion of user-defined custom traffic fields in flat tickets. (Default) |
Yes 
No 
