Application ID

Application ID is the final source of truth for identifying applications in security policies, because it is derived from the actual traffic flowing through the Valtix gateway instances. It can be specified as part of defining a service object. A service object identifies the type of communication taking place between a source and a destination. Typically, services are identified by layer 4 ports. A more powerful and precise way to identify communication is by application ID. This inspects multiple aspects of the payload, going even beyond the layer 7 protocol, to identify the actual application in use. This helps define security policies more precisely and also protects against an attack that hijacks a valid layer 4 port to carry a different application. For application ID to work, either the Valtix gateway must act as a proxy with full TLS decryption or the traffic must be in the clear.

Selection of Application IDs

  1. Navigate to Manage > Services.
  2. Click Edit of an existing service or Create a new service.
  3. In the Application IDs dropdown, pick the relevant application IDs.

If no application IDs are selected, the service object matches purely on the destination port and protocol defined in it. If one or more application IDs are specified, they are combined as an OR condition: if any one of those application IDs is detected, the traffic is considered to match this service.
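The matching rules above (port and protocol always; application IDs as an OR condition when any are selected) together with the earlier caveat that an application ID can only be derived from clear-text or gateway-decrypted traffic can be written down as a small policy evaluator. The following is an added example, not Valtix code; the ServiceObject and Flow field names, the sample service objects and the sample flows are all constructed for illustration.

```python
from dataclasses import dataclass
from typing import FrozenSet, Iterable, Optional

# Added illustration of the matching rules described on this page; this is not
# Valtix code, and the field and function names are assumptions for the example.


@dataclass(frozen=True)
class ServiceObject:
    """Service object: destination port + protocol, optionally narrowed by app IDs."""
    name: str
    protocol: str                            # "TCP" or "UDP"
    dst_port: int
    app_ids: FrozenSet[str] = frozenset()    # empty => match on port/protocol only


@dataclass(frozen=True)
class Flow:
    """A flow as the gateway sees it (constructed sample; field names are assumptions).

    payload_app_id is what payload inspection would identify if the payload is
    visible to the gateway, i.e. clear-text traffic or TLS that the gateway
    itself decrypts as a proxy.
    """
    protocol: str
    dst_port: int
    tls: bool = False
    decrypted: bool = False
    payload_app_id: Optional[str] = None


def detected_app_id(flow: Flow) -> Optional[str]:
    """Return the app ID only when the payload is inspectable (clear or decrypted TLS)."""
    if flow.tls and not flow.decrypted:
        return None                 # opaque TLS: no application ID can be derived
    return flow.payload_app_id


def matches(service: ServiceObject, flow: Flow) -> bool:
    """Port/protocol must match; if app IDs are set, any one detected ID suffices (OR)."""
    if flow.protocol != service.protocol or flow.dst_port != service.dst_port:
        return False
    if not service.app_ids:
        return True                 # no app IDs selected: port and protocol decide
    return detected_app_id(flow) in service.app_ids


def first_match(services: Iterable[ServiceObject], flow: Flow) -> Optional[str]:
    """Name of the first service object the flow matches, or None if none does."""
    for service in services:
        if matches(service, flow):
            return service.name
    return None


# Two constructed service objects for TCP/443: port-only, and narrowed to CLI clients.
HTTPS_ANY = ServiceObject("https-any", "TCP", 443)
HTTPS_CLI = ServiceObject("https-cli", "TCP", 443, frozenset({"cURL", "Wget"}))

# Constructed sample flows.
CURL_DECRYPTED = Flow("TCP", 443, tls=True, decrypted=True, payload_app_id="cURL")
SSH_ON_443 = Flow("TCP", 443, payload_app_id="SSH")             # SSH squatting on 443, in clear
OPAQUE_TLS = Flow("TCP", 443, tls=True, payload_app_id="cURL")  # TLS the gateway cannot decrypt


if __name__ == "__main__":
    for label, flow in [("curl (decrypted)", CURL_DECRYPTED),
                        ("ssh on 443", SSH_ON_443),
                        ("opaque tls", OPAQUE_TLS)]:
        print(f"{label:18} app-id service: {matches(HTTPS_CLI, flow)!s:5} "
              f"port-only service: {matches(HTTPS_ANY, flow)}")
```

The two TCP/443 service objects show the practical difference: the port-only object accepts SSH running on port 443, which is exactly the port hijack the page warns about, while the app-ID-narrowed object rejects it. The opaque TLS flow also fails the app-ID-narrowed object, which is why full TLS decryption (or clear traffic) is a prerequisite for any service object that lists application IDs.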

Application ID Classification

There are three (3) classes of application IDs. Client application IDs make sense when defining egress service objects. Legacy application IDs make sense when defining east-west service objects. Cloud service application IDs make sense when defining service objects for use in access security policies for cloud managed services.

Client application IDs are used when defining a service object for traffic egressing the cloud. This is the ID of the application originating the egress traffic. Here are a few examples.

Application Category         Application IDs
Command line web utilities   Wget, cURL
Browsers                     Chrome, Firefox, Safari, Internet Explorer
Packaging tools              Advanced Packaging Tool (apt)
Cloud utilities              AWS CLI

Legacy application IDs are your classic lift-and-shift applications that enterprises choose to move from on-prem to public cloud environments. Here are a few examples.

Application Category   Application IDs
Interactive            SSH, Telnet, RDP
Databases              MSSQL, MySQL, PostgreSQL
File Sharing           SMBv2, SMBv3, NFSv4
Authentication         LDAP, LDAP-TLS, Active Directory, Kerberos
Data Transfer          FTP
Communication          RPC
Voice                  SIP
Transport              HTTP, HTTPS
Name Resolution        DNS

Cloud service application IDs are your native cloud managed services. The following is the list of application IDs for AWS managed services.

AWS Service Application ID
AWS Alexa
AWS Amplify
AWS Api Gateway
AWS Api Execute
AWS App AutoScaling
AWS App Stream2
AWS App Mesh
AWS App Sync
AWS Athena
AWS RDS
AWS Autoscaling Plans
AWS Backup
AWS Batch
AWS Budgets
AWS Savings Plans
AWS ACM
AWS Cloud9
AWS Cloud Dir
AWS Cloud Form
AWS Cloud HSMv2
AWS Cloud HSM
AWS Svc Disc
AWS Cloud Srch
AWS Cloud Trail
AWS Cloud Watch
AWS Events
AWS Logs
AWS Synthetics
AWS Code Artfct
AWS Code Build
AWS Code Commit
AWS Code Deploy
AWS Code Profile
AWS Code Review
AWS Code Pipeline
AWS Code Star
AWS Code Star Notifications
AWS Cognito IDP
AWS Cognito Identity
AWS Cognito Sync
AWS Comprehend
AWS Comprehend Medical
AWS Compute Optimizer
AWS Config
AWS Connect
AWS Data Exchange
AWS DLM
AWS Data Pipeline
AWS Data Sync
AWS DMS
AWS Detective
AWS Devops Guru
AWS Direct Connect
AWS DS
AWS Dynamo DB
AWS DAX
AWS Streams
AWS Elastic Beanstalk
AWS Elastic Compute
AWS Elastic Block Storage
AWS Image Builder
AWS ECR
AWS ECS
AWS EKS
AWS EFS
AWS Elastic Inference
AWS Elastic Transcoder
AWS Elastic Cache
AWS ES
AWS Elastic Map Reduce
AWS FMS
AWS Forecast
AWS Fraud Detector
AWS IoT
AWS FSX
AWS Gamelift
AWS Glacier
AWS Global Accelerator
AWS Glue
AWS Ground Station
AWS Guard Duty
AWS Health
AWS IAM
AWS Access Analyzer
AWS Import Export
AWS Inspector
AWS IoT1click
AWS IoT Analytics
AWS Data
AWS Tunnelling
AWS Jobs
AWS IoT Events
AWS Greengrass
AWS Prefix ATS
AWS Greengrass ATS
AWS IoT Sitewise
AWS IoT Things Graph
AWS KMS
AWS Kinesis Analytics
AWS Firehose
AWS Kinesis
AWS Kinesis Video
AWS Lake Formation
AWS Lambda
AWS App Wizard
AWS Models
AWS Runtime
AWS License Manager
AWS Lightsail
AWS Macie2
AWS Macie
AWS Machine Learning
AWS Managed Blockchain
AWS Metering
AWS Mturk
AWS Kafka
AWS Media Connect
AWS Media Convert
AWS Media Package
AWS Media Store
AWS Media Tailor
AWS MGH
AWS MQ
AWS Network Firewall
AWS Network Manager
AWS Opsworks
AWS Organizations
AWS Outposts
AWS Pinpoint
AWS SMS Voice
AWS Polly
AWS Qldb
AWS Quicksight
AWS Ram
AWS Redshift
AWS Rekognition
AWS Pi
AWS Resource Groups
AWS Tagging
AWS Robomaker
AWS Route53
AWS Route53 Domains
AWS Route53 Resolver
AWS Sagemaker
AWS Secrets Manager
AWS Security Hub
AWS STS
AWS SMS
AWS Service Quotas
AWS Serverless Repo
AWS Service Catalog
AWS Shield
AWS SNS
AWS SQS
AWS Queue
AWS SWF
AWS SDB
AWS SSO
AWS Identity Store
AWS Snowball
AWS States
AWS Storage Gateway
AWS Support
AWS SSM
AWS Textract
AWS Transcribe
AWS Transfer
AWS Translate
AWS WAFv2
AWS WAF
AWS Workdocs
AWS Workspaces
AWS X Ray
AWS Elastic Load Balancing
AWS Messaging