Kim, The best way to allow general internet applications and websites without having to add them manually is to use application filters. This is best way to allow general internet applications when compared to allowing all the traffic or limiting the traffic only to port 80 8080 or 443. Essentially you will follow these steps. 1) go to objects tab-->application filters. 2) create a new application filter based on your criteria, as you wanted to allow general internet applications select the category as general-internet, sub-category your choice and risk (select the applications with different risk levels). So this way you will be able to select an application filter that is matching a wide range of applications of your interest. I have created an application filter named test45. 3) Now use this filter in the security policy in the application tab. Select this application filter (test45) in the policy and for the service tab select application-default, This should be good . Hope this helps Thanks, Sandeep T
... View more