BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
If you're getting the same log entries over and over again, frequency is a good way to reduce it if no details needed. —Michael@BWC
-
6.5.4.14 is currently the latest for Gen6. There will be probably another one soon. —Michael@BWC
-
It's unfortunate that there are no Release Notes linked with the Firmware. But it's the same version running on HES and it contains some fixes related to AV Engines. Official Release Notes are mandatory, IMHO. I'am running it myself without new issues and gave a green light for my customers to deploy it. —Michael@BWC
-
@KevinLynch there is no rule of thumb for that, it all depends how active your deployment is. You might select the longest time frame to show the logs and scroll down, this should give you an estimate how long the log lasts for your appliance. —Michael@BWC
-
@jayce you might add to your question what APs you like to associate and what Firmware you're running on your Firewall. Or do you like to manage them through WNM? —Michael@BWC
-
@KevinLynch I don't do much log automation via email, but my guess is that the log ring buffer gets filled up every few minutes and this causes the TZ to send out a new mail. —Michael@BWC
-
@CRISL I did no further digging on this topic, but IMHO it's not addressed by App Control or CFS, which is long overdue. The most simple solution I could think of is blocking TCP 443 (DoH) to known DoH resolvers, hoping to catch all relevant ones. You might block TCP 853 (DoT), UDP 8853 (DoQ) and UDP 443 (Quic) to ANY as…
-
Application Offloading is some form of reverse proxying which is only available on SonicWall SMA appliances, not via plain Firewall. OWA (and ActiveSync) is directly supported with SMA. If you specify an external boomark on the Firewall the traffic between client and server (OWA) has to be accessible to the public and…
-
@DP8 if you believe the rating is not correct, report it for a rewview. —Michael@BWC
-
@Techlisalh that's the way how it's implemented, because every request is "rewritten" by the Firewall when accessed via VirtualOffice. It's not comparable with Application Offloading which you might know from the SonicWall SMA, which would be probably a better solution for your demand. But even the SMA is handling HTTP…
-
@Eddie if you buy a new appliance through the Secure Upgrade program your additional (not the base) licenses will automatically transferred when go through the Register & Transfer process. —Michael@BWC
-
@Lala I'am not sure if I understand the situation here correctly, but whenever you want to ping the firewall you have to enable Ping in the interface settings. If you're trying to ping the firewall not from within the same subnet you need an additional Access Rule, but you have to make sure to enable the "Enable…
-
@grabbath blocking bad logins is available in FortiOS for ages. But nearly all VPN solutions are under attack at the moment. Most of my deployments are authenticating against Radius and this gives me the additional juice I need for limiting bad logins. —Michael@BWC
-
@erick_pacheco is something like echo "Y" | necli <connection parameters working? The easiest way woul be probably to use a valid certificate which does not cause a certificate error. —Michael@BWC
-
That is really weird, if you define Main and Alternative Target to 8.8.8.8 with ICMP doess this change anything? Because it should be pingable all the time. —Michael@BWC