TZ 670 DPI-SSL
I am configuring my TZ 670 and turned on DPI-SSL Client.
Under General Tab, I turned on
Audit new default exclusion domain names prior to being added for exclusion
If I did not turn this on, would the system automatically add connection failures to the Common Name Exclusions?
Also, I am testing it with one workstation for now. I have a lot of microsoft.com failures. Is it typical to just add microsoft.com to the exclusion oppose to the various items?
When adding a site, do you put the "." in from or not? Which is correct?
.microsoft.com or microsoft.com
The built in ones do it both ways. Some with the "." others without?
Last, when excluding there is an option to:
Always authenticate server before applying exclusion policy
It is disabled by default. I saw in a KB article to enable this. Which should I do?