To attempt non-SSL traffic over 443, I'm guessing, would involve a request that looks like CONNECT http://example.org:443 ...
So, there would be criteria involving URL.Protocol (I think) and URL.Port. For example:
URL.Port equals 443 AND URL.Protocol equals "http"
Of course, I haven't tested this, and there might be some fiddling and other considerations. Rule traces and packet traces might be necessary to get everything in order.
Intercept SSL Traffic and all non webtraffic will fail :-)
Thank you for the quick response. Its probably not that difficult, but I am having trouble finding a detailed explanation for all the rule criteria. I will need to set up a scenario where I can test these different combinations....wont be for a couple of weeks though.
I think SSL inspection might be a bit of a overkill for this.
In case someone has set this up already, feel free to comment