this is expected as any request needs to be authenticated. Please find below the description from Product Guide:
Enable NTLM cache:
When selected, NTLM authentication information is stored in this cache.
Authentication is then based on this stored information, rather on
information retrieved from the Windows domain server.
Use authentication cache
When selected, authentication information is stored in a cache.
Authentication is then based on this stored information, rather than on
information retrieved from an authentication server or the internal user
P.S.: This two authentication entries are related to NTLM Handshake not to your agents, please see more details in this article
How long will the entries be stored in the cache?
For the time period configured in "Authentication cache TTL" and "NTLM cache TTL".
Does TTL meant time after first appearance or after last?
Is it possible to dump the current cache values?
The 3 way handshake between client and proxy must done for each requests.
These values are only for caching the requests to the AD server???
you're right this values are to reduce the traffic and requests sent to your AD. This detailed information will bring some light in the dark:
For the TLL start time I expect the first request. Based on my information it would otherwise never expire.