Comments
-
So this hot-fix brings botnet and password spray mitigation to the Email Security Appliance?
-
Right on the heels of a reboot after applying the latest firmware this morning, I was alerted from the device the following: SSLVPN: id=sslvpn sn=xxxxxx time="2023-03-10 07:36:48" vp_time="2023-03-10 12:36:48 UTC" fw=x.x.x.x pri=2 m=34 c=402 src=77.73.131.6 dst="y.y.y.y" user="Unknown" usr="Unknown" msg="WAF threat…
-
With the help of BWC, I believe what is happening is that when it is a relayed email, the SonicWall ES 500 disregards the last IP for the Top Connections chart. For the chart, it will use the IP address of the hop before the last one. This is why I was unable to reconcile the IP addresses on the chart to the connections…
-
I posted this to the wrong forum; Mods please move to the email security appliance forum.
-
Yup, I just came here to retrieve it, but I'm not seeing it yet. ...[edit] and right after posting this, it appeared.
-
The only auto update I located on the appliance is under the EPC status. Where can I find the ability to disable the auto update for the NetExtender?
-
This is what I received form support today- "we have reports that the 10.2.1.-319 client is not working in windows 7 (we dont support windows 7 anymore) The 10.2.1.-315 client will work for windows 7." That's all fine and good, but: a. how to prevent the new client from being downloaded and installed on the Windows 7 hosts…
-
Found it! Thank you, I was looking for EPC usage under the domain/portal and when I couldn't find it, I assumed it was an all or nothing setting. I truly appreciate your help.
-
Yes, that is correct. The External users would not be subjected to an ECP inspection. Can this be controlled via policy?
-
Thanks @BWC, I'll examine the policy route, but because of ECP profiles (particularly making sure the computer is a member of the domain and AV requirements), I think I'm dead in the water pursuing this without turning off ECP.
-
It looks like this was resolved in 10.2.1: SMA-2317 The System Settings page needed for upgrades is blank and not functioning as expected.
-
Thanks for the tip! We'll be replacing it with a SMA 410, so the transition should be painless.
-
I understand the the SMA line firmware has been fixed. This article is about the SRA product line, particularly the SRA 4600 running 9.0.0.5 which I was running up until this article came out. Now I'm anxiously awaiting the arrival of a new SMA to replace it.
-
What are the Indicators of Compromise for the appliance? I see on the FireEye blog the ioc's for the ES running on Windows server, but it doesn't translate well to the ES5000 running Linux. I'm concerned because the appliance locked up a week prior to this announcement. I did look through the local user accounts, and there…
-
I see that the exception management referenced here is for the Capture ATP, but currently Capture ATP is turned off. The file is still being flagged for a virus by the ES5000.