Application ID accurate on encrypted traffic?

craig.brooker — Wed, 06 Mar 2019 16:02:28 GMT

Does the PA do application identification for SSL encrypted traffic without if we aren't doing SSL decryption? For example if a user watches an encrypted youtube video, is the PA able to identify that traffic as youtube, or will it be reported as ssl?

Re: Application ID accurate on encrypted traffic?

BPry — Wed, 06 Mar 2019 18:14:52 GMT

@craig.brooker,

When traffic isn't being decrypted the firewall does a "best effort" attempt to correctly identify the traffic with the information that it can see. Usually for an application like youtube or facebook, this will direct all traffic to the base app-id; so in effect youtube traffic when identified will only be identified as youtube-base, and facebook traffic likewise will only be identified as facebook-base.

topic Re: Application ID accurate on encrypted traffic? in General Topics

Application ID accurate on encrypted traffic?

Re: Application ID accurate on encrypted traffic?