When reviewing our SSL Inspection policy, I noticed there was a “Block” option in addition to Do not Inspect and Inspection.
This prompted me to think - why does that option exist if we can block URLs/applications via URL and Cloud App Control?
Do Zscaler nodes do a second round of URL and cloud app control policies after TLS traffic is decrypted? I know ATP, malware protection, file type control uses additional information which is encrypted, but does URL and Cloud App control use that additional info?
About Policy Enforcement | Zscaler has details but I’m not 100%