WhatsApp - Application Control

I have read a number of threads about how to make WhatsApp work for devices behind a UTM which all involve creating firewall rules.

Isn't making WhatsApp work through a UTM with Application Control enabled as simple as allowing the application?

In my experience the answer to my question above is 'not reliably'.

We have application control rules to allow the application to be used by devices on our WiFi networks for mobile devices but the user experience is poor.

At times messages are sent/received immediately, however at other times messages are delayed significantly sometimes only being passed hours after they were sent.

The usual giveaway is that the device displays a notification from the WhatsApp application (on Andriod devices) saying 'Checking for new messgaes'. This appears to be a sign that there are messages waiting to be delivered to the device. Messages that are composed and sent will have a clock symbol not get the first grey tick telling you that the message has reached the platform.

If you want the message to be allowed in or out it seems you are left with two options:

  1. Wait until the UTM mysteriously allows the message(s) to be delivered to the device
  2. Disable WiFi and use the device's mobile data connection, in which case the message will immediately either egress or ingress.

Which method should I be using if I want WhatsApp to work reliably? The idea of Application Control with it's granular application definitions appeals and seems a far better approach than using firewall rules to allow connections but if it doesn't work then why include it in the product?