That is hard to answer depending on many variables. For example, maybe Google was using TLS1.2 but your PAN was not yet at the version which added 1.2 support so it wasn't decrypting that specific traffic. Or maybe Google just added GZIP compression to their public services. Or maybe a PAN content update allowed it to better identify GZIP compression within Google apps. PAN has supported GZIP compression identification for quite a bit though. It even uncompresses and scans GZIP encoded traffic essentially (IPS Scanning of Compressed Files) As for PAN adding gzip as necessary to the App-ID for the Google Apps, are you just looking for the firewall to tell you that you also need to allow GZIP? Because if you have an explicit deny, I do not believe it auto-allows other needed apps. I think it only does this if you lack an explicit Deny. But you should always have an explicit deny.
... View more
We are facing a problem with a lot of "unknown" URL's (Brightcloud DB) although the URLs in question are well known sites. We already filed a case but the problem could not get fixed until now. We are on 5.0.7. After clearing the url-cache all works fine again for a unknown amount of time (days,weeks). But clearing the url-cache manually every now and then cannot be the solution. Now I am reading about a bug in the cache timeout value.
By default, the cache has a timeout value of 24 hrs. We recently identified a bug recently where this variable was not getting configured properly, but this should be addressed in a future release (meaning you'll be able to configure this to a number of your choosing).
Can you give us some more info about this one ? rgds Roland
... View more