Management General Management Topics Logging and Reporting Multi-Domain Management Policy Management
- Local User Groups
AI & Machine Learning
In the "Application and URL Filtering" report of the Smart Event, in the "high bandwidth user" view, for some users we see applications like "HTTP/2 over TLS" and "SSL Protocol". Beside these applications we can also see applications like youtube, facebook etc. (I have attached a picture from an example report)
What we want to understand is what kind of access generates these traffics? ("HTTP/2 over TLS" and "SSL Protocol"). These applications seems like protocols, not applications, so in stead of these shouldn't we need to see the real application/site?
Thank you for the replies. I have attached some logs and the relevant rule. In the rule "Genel Erisi..." is a site group and contains some URL categories.
Gateway is configured for HTTPS inspection and running on R77.30. But I'm not sure about SNI, where can I check if SNI enabled?