
XG135 (SFOS 16.01.2) is blocking unknown protocol traffic by default

Hi,

Currently my device XG-135 is running on V16.01.2, and it is weird to see that it is blocking unknown protocol traffic, although the "Block unrecognized SSL protocol" option is disabled under Web --> Protection. Below screenshots for reference.

 

Please suggest how to resolve this issue. There was no such issue until V15 & V16; it all began after 16.01.2.



This thread was automatically locked due to age.
  • The "Block unrecognized SSL protocol" is perhaps misnamed. There was some internal discussion about how to name/describe it simply and accurately. Basically there is traffic that is trying to use SSL protocol or ciphers that are known to be compromised or unsafe. For example, the XG supports TLS 1.0, 1.1, and 1.2. It does not support SSL 3.0 because that protocol is now considered unsafe. If a client tries to connect to a server using SSL 3.0 we have two choices - we can block it, or we can allow it and tunnel the traffic unscanned.

    To be clear - this is not blocking "unknown protocols"; this is blocking "known but unsupported (due to unsafe) SSL protocols". It only applies to SSL protocols.

    Turning this option off will allow access to old websites that do not have modern SSL implementations and which are much more likely to be hacked.

    Without knowing more about your situation, I couldn't tell you whether this option would even affect your traffic.
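
The distinction drawn in the reply above, as an added Python example that is not part of the original posts and is not Sophos code: it reads the version a client offers in its ClientHello and models the block / tunnel-unscanned choice. The function names, the `block_unrecognized` flag and the sample bytes are constructed for illustration, and the model looks only at the client's highest offered version, not at what a server would negotiate.

```python
import struct

SSL3 = 0x0300  # SSL 3.0; TLS 1.0, 1.1, 1.2 are 0x0301, 0x0302, 0x0303

def offered_version(data: bytes):
    """Return client_version from a ClientHello record, or None if the
    bytes are not an SSL/TLS handshake (SSLv2-format hellos not handled)."""
    if len(data) < 11:
        return None
    ctype, rec_major, _minor, _rec_len = struct.unpack("!BBBH", data[:5])
    if ctype != 0x16 or rec_major != 0x03:  # 0x16 = handshake record
        return None
    if data[5] != 0x01:                     # handshake type 1 = ClientHello
        return None
    # Bytes 6..8 hold the 24-bit handshake length; client_version follows.
    return struct.unpack("!H", data[9:11])[0]

def decide(data: bytes, block_unrecognized: bool) -> str:
    """Hypothetical model of the option described in the reply."""
    version = offered_version(data)
    if version is None:
        return "not-ssl"                    # the option only applies to SSL
    if version <= SSL3:
        # Known protocol, but unsupported because it is unsafe.
        return "block" if block_unrecognized else "tunnel-unscanned"
    return "scan"                           # client can negotiate TLS 1.0+

def make_hello(version: int) -> bytes:
    """Constructed sample: ClientHello prefix offering `version`."""
    body = struct.pack("!H", version) + bytes(32)   # version + random
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x00" + struct.pack("!H", len(hs)) + hs

if __name__ == "__main__":
    samples = {
        "TLS 1.2 client": make_hello(0x0303),
        "SSL 3.0 client": make_hello(SSL3),
        "SSH banner": b"SSH-2.0-OpenSSH_8.9\r\n",   # constructed, non-SSL
    }
    for label, raw in samples.items():
        for flag in (True, False):
            print(f"{label:15} option={'on' if flag else 'off':3} -> "
                  f"{decide(raw, flag)}")
```

Only the SSL 3.0 sample changes outcome when the flag is toggled; the non-SSL sample is never affected by it, which matches the reply's point that the option does not govern unknown protocols.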
