Does the PA do application identification for SSL encrypted traffic without if we aren't doing SSL decryption? For example if a user watches an encrypted youtube video, is the PA able to identify that traffic as youtube, or will it be reported as ssl?
When traffic isn't being decrypted the firewall does a "best effort" attempt to correctly identify the traffic with the information that it can see. Usually for an application like youtube or facebook, this will direct all traffic to the base app-id; so in effect youtube traffic when identified will only be identified as youtube-base, and facebook traffic likewise will only be identified as facebook-base.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!