I've started noticing this happening after upgrade to 6.5R4.1. When users are browsing external websites like cnn.com, I can see from the event logs the DNS resolution going though the IVE on the WSAM client. This is causing performance issue and noticeable slowness. I don't recall this happening in the previous code. Our temporary fix right now is to disable dns under the debug tab fromt he WSAM client. I have a case open with Juniper for a permanent fix but wanted to reach out to see if you guys have any suggestions.
Re: DNS resolution through SAM for external websites
Do you have WSAM configured in application mode (as it sounds like you do)? When this is configured post-6.4, you will see this behavior when using allowed applications. Please see KB15686 for more information on this topic.