With application defenses, you configure for example if a proxy or packet filter will be used for a rule, if it is a proxy - will it accept transparent or non-transparent, what kind of filtering/scanning will be done (smartfilter, av-scanning, etc). There is to much to this to write it down here.
Do you have the product guide? If not, you can download it here:
Chapter 11 covers Application Defenses (page 171 and following). It also explains the generic (required) defense.
Understanding Application Defenses
How the Generic Application Defense profile works
Managing Application Defense groups
Managing Application Defense profiles
Many thanks Volker.