▲ 5 r/networking
Advice Request - Implementing Changes From Security
The security team at our org doesn’t trust the app-id that is provided by PA because they can’t control it.
Their request is that we create separate policies per app that restrict app-id to specific domains.
Thoughts on how to approach this? Is this contradictory to best practice?
It’s certainly more admin overhead and we’ve already experienced issues where we’re hunting down logs and making multiple changes whereas 1 change with the app-id would have sufficed.
u/po1thyme — 3 days ago