I'm having a hard time configuring a navigation policy on a SMB appliance. It's really not working as intended as far as i'm concerned.
I was wandering if a good practice would be to allow "network protocols" category as it contains OCSP, NCSI, ssl, and other network protocols designed for navigation but im worried if this would allow pages i dont want to allow.
I also find it works kinda randomly and sometimes i dont really dig how it works, sometimes it matches an application, sometimes the same petition does not match the application.
Lan Networks as a source should match identity awareness connections?
Should i place a rule allowing "network protocols"?
Does anyone has any expirience on this and has already a template/good practice for nailing this?
Thanks in advance