Thank you all for the responses and sorry for the confusion. The name says "block list" however my use case was to use it just like a group in security and/or decryption policies. The issue is mainly with the decryption policies as even with "no-decrypt" policy, the traffic is getting decrypted. At the same time, the firewall can poll the ip addresses fine external web server to populate dynamic block list (to rule out objects in the group). Further troubleshooting revealed that the normal "no-crypt" policy is not working however if I negate the same group in "decrypt" policy, it works fine. I have a case open with support as well.
... View more