topic Unexpected Classification of 443 Traffic as &quot;naver-line&quot; with Subcategory &quot;voip-video in Next-Generation Firewall Discussions https://live.paloaltonetworks.com/t5/next-generation-firewall/unexpected-classification-of-443-traffic-as-quot-naver-line-quot/m-p/596696#M3681 <P><SPAN>Hi everyone,</SPAN></P> <P>&nbsp;</P> <P><SPAN>1) End user has confirmed that these users' computers do not have the LINE application installed. However, the 443 traffic is being identified as "naver-line," with a subcategory of "voip-video." Could you please help us understand the cause of this behavior?</SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Suhairul_Salleh_0-1725418752203.jpeg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/61937i4D2F296FB6A354E7/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="Suhairul_Salleh_0-1725418752203.jpeg" alt="Suhairul_Salleh_0-1725418752203.jpeg" /></span></P> <P>&nbsp;</P> <P>2)&nbsp;<SPAN>And We noticed in the logs that certain activities are classified as the application "outlook-web-online." Could you please explain how this classification is defined? We want to understand if these activities could be related to Windows or Outlook, as we also have an Exchange Server, and the connected IP addresses are indeed from Microsoft.</SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Suhairul_Salleh_1-1725418788784.jpeg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/61938i2EC17D0817ED6A9A/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="Suhairul_Salleh_1-1725418788784.jpeg" alt="Suhairul_Salleh_1-1725418788784.jpeg" /></span></P> <P>&nbsp;</P> <P><SPAN>Appreciate your help.</SPAN></P> Wed, 04 Sep 2024 03:00:14 GMT Suhairul_Salleh 2024-09-04T03:00:14Z Unexpected Classification of 443 Traffic as "naver-line" with Subcategory "voip-video https://live.paloaltonetworks.com/t5/next-generation-firewall/unexpected-classification-of-443-traffic-as-quot-naver-line-quot/m-p/596696#M3681 <P><SPAN>Hi everyone,</SPAN></P> <P>&nbsp;</P> <P><SPAN>1) End user has confirmed that these users' computers do not have the LINE application installed. However, the 443 traffic is being identified as "naver-line," with a subcategory of "voip-video." Could you please help us understand the cause of this behavior?</SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Suhairul_Salleh_0-1725418752203.jpeg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/61937i4D2F296FB6A354E7/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="Suhairul_Salleh_0-1725418752203.jpeg" alt="Suhairul_Salleh_0-1725418752203.jpeg" /></span></P> <P>&nbsp;</P> <P>2)&nbsp;<SPAN>And We noticed in the logs that certain activities are classified as the application "outlook-web-online." Could you please explain how this classification is defined? We want to understand if these activities could be related to Windows or Outlook, as we also have an Exchange Server, and the connected IP addresses are indeed from Microsoft.</SPAN></P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Suhairul_Salleh_1-1725418788784.jpeg" style="width: 999px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/61938i2EC17D0817ED6A9A/image-size/large/is-moderation-mode/true?v=v2&amp;px=999" role="button" title="Suhairul_Salleh_1-1725418788784.jpeg" alt="Suhairul_Salleh_1-1725418788784.jpeg" /></span></P> <P>&nbsp;</P> <P><SPAN>Appreciate your help.</SPAN></P> Wed, 04 Sep 2024 03:00:14 GMT https://live.paloaltonetworks.com/t5/next-generation-firewall/unexpected-classification-of-443-traffic-as-quot-naver-line-quot/m-p/596696#M3681 Suhairul_Salleh 2024-09-04T03:00:14Z