Hi,
When you are not using SSL policy it is expected that you see those messages because all encrypted traffic like for port 443 , SFR does not understand it and hence requests ASA to drop the packet .
Though the Enhancement that you have mentioned is only valid in case of SSL policy because when we are decrypting/re-encrypting packets we drop the original and inject the newly re-encrypted packet. So with the ssl policy enabled (and ssl traffic) the SFR requested drop counter in the ASA will increment.
Regards,
Aastha Bhardwaj
Rate if that helps!!!