cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who Me Too'd this topic

Web-browsing application being identified instead of SSL on port 443.

L1 Bithead

We just noticed that in our traffic logs there is traffic with the web-browsing application identified with a destination port of 443. The rule it is hitting on is only a port based rule with 80 and 443 as dest ports. 

 

My question is why would the traffic match the signature of web-browsing since the standard port in the App is 80? Is it because we are not enforcing application-default at a firewall rule so the traffic is identified by the signature reguardless of port?

Who Me Too'd this topic