@MP18, Unless you are using application-override policies for all of your traffic, which you absolutely should not be, the firewall goes through the same process for identifying the traffic regardless of the security policy. Even when you allow application 'any' on tcp/8443 for example, the firewall itself still identifies the application and does the same process it would if you had identified application ssl on tcp/8443 or otherwise made a custom application signature for the traffic in question. The only way you would see a performance increase would be if you stop layer-7 processing through something like an application-override security policy. This would be ill-advised and honestly wouldn't provide any major performance increases outside of a few outlier applications.
... View more
