Comments
-
Any updates on this issue? ... we are also facing the same problems with a Sonicwall NSA2700. When I exclude the clients IP adress to exclude DPI-SSL the problem is solved, so it looks like DPI-SSL is causing the problem. I now added wt-prod-s3asaservice-storm.s3.eu-west-1.amazonaws.com as Common Name exclusion under…
-
I managed to trigger the same alert on a new Windows 10 VM, only on the .exe of Teams ... MSI installs OK but is not intended for user install. So looks like a false-positive, since most users already have Teams the impact is small.
-
No, we only tried the .exe directly from the MS site. I will try if I can trigger the same alert on a new Windows 10 VM and sort out if the msi also triggers this alert.
-
Ok, so there is no way to disable this?
-
I created a support ticket for this issue, they recommended me to disable the Decoy files in the CC policy to check it the Decoy files are triggering IPS. After disabling the Decoy files option I still got the IPS-alerts and ended up to add sonicwall.sentinelone.net as IPS exclusion. After that the alerts where gone. So it…
-
Just called support about this issue .. the Web Content Filter is causing the problem, workaround is to disable this in the policy.
-
We have a policy to keep the General Release on the Servers .. so luckily they are not updated to this release and remain unaffected .. but mostly all other Windows endpoints are effected. I hope SonicWall will fix this ASAP .. 😒