Does HTTPS categorization work on non-standard ports? How does the gateway decide that it has to or can categorize a site?
I think I may have answered my own question. I decided to RTFM (Application Control and URL Filtering Guide) and found "urlf_ssl_cn_enc_http_services_only" which is documented under fine tuning HTTPS Categorization. It's a system property that controls which ports are monitored for SSL signatures. The default value is "False" which means "The Security Gateway listens for SSL signatures on all ports". If "True" it only monitors services defined as "ENC-HTTP" in the protocol section.
The list of services defined under Application Control Web Browsing Services would be the safest bet.
Please excuse my newbiness but where would I find the equivalent in R77? Is it in the services listed in the HTTPS Inspection policy?
R77.30 and earlier are not quite as flexible, but there is an option to perform HTTP Inspection on non-standard ports:
Ah well there you go
Retrieving data ...