It depends on the traffic flow. If traffic is initiated from a user inside the network, then you only need to block the application in a security
rule for traffic from inside to outside.
If you have some Internet-facing servers that users access from the Internet, and they use port 443, then you need to block
the application in a security rule from outside to inside.
Also, you need to enable SSL decryption for this, as it is using port 443.
"If you have some Internet facing servers and users access from Internet to access that and it is using port 443 then you need to block the application in security rule from outside to inside."
This sounds a little confusing. From external you probably won't detect traffic coming from TOR exit nodes, or do you mean when there is a TOR node behind the Palo Alto firewall that is publicly available?
Do you have any web servers which are public facing?
If yes, then you need a security policy from untrust with source address any to the public IP of the web servers.
Source Zone - Untrust
Destination Zone - Where your web servers reside.
Be careful when you do this as we do not know your environment.