Access Rules and DPI SSL - which is first?
I'm puzzled. DPI-SSL is a bit troublesome. Decided to switch it on (again) this week and see what happens. I occasionally look at the Show Connection Failures table. And among others, it lists v10.events.data.microsoft.com with a Server handshake error-error:00000001:lib(0):func(0):reason(1). This site is related to Windows 10 telemetry and can be blocked without problems. So I created an Access Rule to Deny outgoing traffic to this domain. It lists a lot of hits, so it's doing it's job. Or does it? Because if I check the DPI-SSL Connection Failure List, it's still listed?
So I wonder what's first - the Access Rule to block this site, or the DPI-SSL check? Or maybe I miss-configured something?