PA-3020 is falsely identifying some adobe-creative-cloud-base traffic as being a threat. I can't add an exception for this as the log view does not contain a threat ID as it normally would for a threat. All of my dynamic updates are up to date.
The URL filtering profile is set to ‘alert’ for computer-and-internet-info (I have most of the categories set to ‘alert’).
The rule is set to ‘application default’ for the ports.
How to resolve this issue?
I have not ever seen an application signature being false postive for a threat.
Now, it could be information inside the flow, using the app signature, but definitely not the app signature itself.
As for the URL category set to alert, then I would want to see a screen capture of the security profile group (if any) for your rule.
I am thinking you may have multiple URL filtering profiles and one of them is set to block.
But we would need see screen captures to show us this info.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!