Hi Fletch,
The UA will initiate two tunnel to the Cloud VPN, where one is for logged in user and another is non-interactive-user.
The normal Internet access for browser and application that is able to honor the Operating System's logged in user id via the logged in user Cloud VPN tunnel.
As for the non-interactive-user, which all known as system tunnel are for system process, control message or any third party application/software that is not able to honor the Operating System's logged in user id.
As on the Cloud portal, it display the logged in user name id with the non-interactive-user, as with this you will be able to better determine if there were any authentication issue on the UA active connection.
That said, however, you may disable the Cloud portal to log the non-interactive-user via Cloud portal > Service > Service > Mobility > Enforce username Formate in Traffic Tunnel > Username format > Logged in User ID.
regards
C Saravana Kumar