I am attempting to implement best practice internet gateway in the 7.1 admin guide. One on the steps toward the end is creating Temporary tuning rules to see what applications are communicating over non-standard ports. I have rule above the tuning rules allowing for web-browsing and ssl over "application-default" I was surprised on the amount of traffic that was hitting these Temp rules. Having trouble understading logic. Why would browsing to applipedia.paloaltonetworks.com show as application "web-browsing" to port 443?
We do have outbound SSL decryption on. See log attached.
Thanks for you time