iDrive Backup

Question

How does one best set up firewall rules for iDrive backup solution? 
 Problem: 
 A network I am working on uses iDrive backup solution. iDrive connections are prevents when using the XG Firewall inline. I've likely narrowed down the issue to when "Prevent traffic that avoids HTTPS scanning by using invalid SSL protocols" is enabled. If that is not enabled, backups work fine. After contacting iDrive Support asking about which protocol they use, their response is: 
 We are not using SSL but use port 443 for connections. Due to the use of port 443, SophosXG firewall is indirectly considers the connection as SSL. Please uncheck the "Block unrecognised SSL protocols" and continue the backups. 
 Attempted Solutions: 
 
 Not enabling "invalid SSL protocols" prevention (but is less secure overall) 
 Whitelisted iDrive's IPs (no effect) 
 
 Questions: 
 
 What exactly does "Prevent traffic that avoids HTTPS scanning by using invalid SSL protocols" entail? 
 Any other work around besides not enabling "invalid SSL protocols" prevention?

lferrara · Answer

Greg, 
 if the Web Exceptions does not work, by creating a a web exception where you put the destination IP address/URL and check the option "Skip HTTPS decryption", I guess you need to keep the option disabled. 
 For the question 1: 
 https://community.sophos.com/kb/en-us/123283 
 This will allow access to HTTP/S websites that are running on proprietary protocols. 
 Regards