As an update, we've implemented full SSL decryption since my original post for users, and now the issue persists by having all reddit related web traffic come through as "reddit-base". Previously--when first implemented--"reddit-posting" app-id would appear and function normally. By excluding this from our allow rule we could prevent users from messaging, signing in, commenting, etc... seems to not be the case anymore. I opened a case with PA and they let me know this is a known issue being tracked as bug id CON-50447 but I don't have much more information than that. They are able to reproduce on their end, so hopefully some additional visibility will help.
... View more