1. To allow simple HTTPS web browsing traffic it isn't enough to allow "web-browsing" application in the policy, you must to allow "SSL" application as well, otherwise only HTTP browsing will work, but not HTTPS. (jerish) - The application Webbrowsing detects HTTP only. To allow HTTPS, you must use the application SSL only. No need to use web-browsing app in the policy. You canget details abou the application from the Applipedia at http://ww2.paloaltonetworks.com/applipedia/ 2> You must have a decrytpion rule to decrypt SSL connects to look for non-HTTPS applications. You can create a security policy to allow application SSL only. Any unknown apps will show up as unknown-tcp. Do you happen to have list to apps usign SSL that were permitted?
... View more