http proxy exceptions vs separate packet filter policy
I've got a whole bunch of fqdns i'd like to whitelist on for new outbound connections all fireboxes i set up. Is there technically a difference where i put the whitelist? For instance, I was thinking of creating a packet filter policy for port 80/443 and adding all of my fqnd's to an 'allowed' alias. Seems like better visibility and easier management, versus adding items to the http proxy exceptions list in the proxy action. (We typically do not inspect https traffic, but do use https proxy for webblocker). is there a best practice for this? and is there any technical difference in how these objects would be processed?