Virus information very generic

BWC · September 2020

Hi guys,

I re-married my TZ 400 with CSC-MA (1.7) and got the first notifications about viruses found.

But what on gods earth should I make with these? Seriously Virus-7 and -5?

info = THREAT-TYPE :: Virus, Name :: Virus-7, SRCIP :: 10.x.x.x (Private IP), DSTIP :: 23.214.197.139 (Netherlands)

info = THREAT-TYPE :: Virus, Name :: Virus-5, SRCIP :: 10.x.x.x (Private IP), DSTIP :: 17.253.55.205 (United States)

I saw these kind of useless at on-premise installations of GMS 8.x as well in the past, but can't remember what the solution was.

Any idea?

--Michael@BWC

BWC · October 2020

Hi guys,

it took a while, in the meantime CSC is shwoing real Threat-Names. It was similar to a problem on on-premise, it felt like the system was not aware of the signatures and loaded this information over time.

--Michael@BWC

Darshan · September 2020

@BWC Could you provide me CSC SN and screenshot from these Alerts ?

Halon5 · September 2020

Unfortunately SonicWALL's security alerts just seem to present as "A LOT OF TWADDLE" these days... :(

Darshan · October 2020

@BWC Thanks for update, good to know its working now. We can sync the signatures from backend if needed for CSC. for on-prem you can sync signatures from AppFlow GMSFlow Server and Sync Server option.

BWC · October 2020

Hi @Darshan

yesterday a Virus-6 got reported, it seems that not all signatures are loaded into my instance of CSC. Or maybe there are no more names left for Viruses :)

--Michael@BWC

Darshan · April 2021

@BWC It depands on signature update and if we are getting right info from the firmware flow.

Halon5 · April 2021

@Darshan , that is unacceptable for me. It just means its broken.

Join the Conversation

Virus information very generic

Best Answer

Answers