topic My educated guess would be an in Network Security

Secure Web Browser client

dan.letkeman — Tue, 12 Mar 2019 13:22:15 GMT

Hello,

I am experiencing many connections from various users and devices that show as a Secure Web Browser client. When this happens there is usually no web application or url information associated with the connection, so I am unable to know what type of traffic this is.

I have a tac case open, but even they do not know what it is.

See the attached image.

Thanks,

Dan.

My educated guess would be an

Marvin Rhoads — Mon, 24 Apr 2017 05:54:26 GMT

My educated guess would be an application using https without a User-agent string that the FMC can parse. The destination is in Akamai's CDN so not much of a clue there. Possibly it is software updates or streaming content.

Iwould check one of your internal endpoints and use something like tcpview to determine what process is contacting that destination address.

If you had Cisco Stealthwatch (or some other Netflow collector), you could use the AnyConnect network visibility module to gather the information.