BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@JonathanZahler without DPI-SSL there is no way to block EXE and even with DPI-SSL it might be some challenge. —Michael@BWC
-
@Luigi77 PBR is what you want, I described it over there and it's similar to your demand: In your case Default Route for LAN1 to WAN1 Gateway and Default Route for LAN2 to WAN2 Gateway. —Michael@BWC
-
@sukarechhe I'am seeing this as well on some deployments. In my case it's related to SSO (authentication) to the Firewall. Is this happening for regular WAN traffic in your case? —Michael@BWC
-
@TraNhu your firmware is way to old and probably due to SSL/TLS issues your appliance is not able to connect to the licensing servers anymore because of the more modern encryption protocols are in use. Update to 6.5.4.15 and give it a try, other benefit would be that you close all the vulnerabilities since 6.5.1.2, a lot…
-
@johnswenson1 my best guess would be, that either the Subnet mask or the Default Gateway of the statically configured clients does not matach your configuration. Make sure they are correct. —Michael@BWC
-
@TechGuardian I had some weird issues myself on my Mac recently and it was caused by an SentinelOne Update. It ended up in having multiple "Filter & Proxys" installed in my Network settings. In my case "SentinelOne Network Monitoring" was registered twice which caused random drops of Network Connectivity. It's just a wild…
-
@lgfamisan go into the settings of your "Defaulf LB Group" and check the tab Probing. If "Probe responder.global.sonicwall.com on all interfaces in this group" is enabled you cannot check per Interface and the option is greyed out. Just disable that option and do your probing per Interface like you always did. —Michael@BWC
-
Long story short, the issue was that my CSE org was scheduled for deletion on Oct 2nd because my trial keys expired earlier on. On Oct 1st I activated my retail keys for 1 year, but due to a bug the CSE got deleted anyways. After a long journey with the very helpful Technical Support Team we figured this out, SNWL fixed…
-
@Simon_Weel if you google for Capture Client Admin Guide this is the first thing that comes up: Capture Client is using SentinelOne as underlying product and just add some bells and whistles to it. Sometimes it lacks behind the SentinelOne Release schedule, which can cause trouble like related to OS updates etc. Some…
-
@Siuren the NSa 2700 has to be registered with MySonicWall, then you should just follow the steps I mentioned above. -5145 is the way to go for using the Migration Tool, then update to -5161 after migrating the settings. If your appliance is registered and download is still not possible contact Customer Support. I checked…
-
@johnswenson1 this sounds right to me, if all of your endpoints have a valid default route back to the TZ470. You might check with the Packet Monitor, just filter for your Source and Destination Address and have a look for dropped packets. —Michael@BWC
-
This might be what you're looking for. —Michael@BWC
-
@bzperry I'am located in Germany, the distributor pricelist shows price band 1-24, I googled the SKUs and 5-24 showed up. I believe 5-24 is outdated, because if I check the catalog on MySonicWall it shows 1-24 as well. A question probably only SNWL can answer for your geographic location. —Michael@BWC
-
@bzperry an Endpoint is a Computer (Windows, macOS, Linux) which needs to be licensed for using Capture Client. You don't license CC to the Firewall. The license can be attached to a Firewall to enforce CC when behind a SNWL Firewall, but this is not mandatory. There are a couple of SKUs available, I mentioned the price…
-
@bzperry you can see Capture Client as an independent product from the Firewall. Capture ATP (auto mitigation) is done on the Endpoint not on the Firewall if enabled in the CC policy. If you have Capture ATP and DPI-SSL enabled on the Firewall as well, it will be inspected there first, but you don't need to rely on it.…