BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@tb_redondo this answer is still valid. https://community.sonicwall.com/technology-and-support/discussion/comment/12937#Comment_12937 —Michael@BWC
-
I guess SonicWall did not disclose the internal URLs affected. It would not make any difference anyhow for securing your appliance. Log Events are properly documented over here (if you're on Gen6 you need to search for the Gen6 reference documentation). —Michael@BWC
-
@Mariusz do you have DPI-SSL enabled? Because for HTTPS it only works that way. CFS, GAV, GeoIP, Botnet and Anti-Spyware do provide a block page, IPS and AppControl do not. —Michael@BWC
-
@Norsmith what are you trying to accomplish? Please elaborate. —Michael@BWC
-
@SWall_Forever this Access Rule sounds insanely stupid, but to assess the risk the accompanying NAT rules are crucial. Only the traffic that gets NATed will hit the Access Rule. What is the destination of your NAT rules, your PBX? In my opinion there is no need for inbound Rules to get VoIP working properly, but it depends…
-
If you don't want to disable GeoIP & Botnet logging then you're probably out of luck. The logging of this event is stupid, because it's done even with Remediation disabled in the settings. Setting the loglevel to Warning might help, but I can't tell what you'll missing. —Michael@BWC
-
For automtic Load Balancing you don't have to add any custom Routing Rules, You can check the Statistics in the Failover & LB configuration what the Distribution Ratio is between X1 and X2. —Michael@BWC
-
@Community Manager any news on this? Because CVE-2025-23007 makes 10.3.1 somewhat mandatory. There is no information if 10.2.341 is affected as well, which does not mean much. —Michael@BWC
-
@JST3751 I checked on my TZ 670, there is a SAN certificate (issued from my private CA) installed, covering multiple IPs and Domain Names. Even after a reboot it stays the same. At Device → Settings → Administration → Management your custom cert is selected? Because if it's "Use Selfsigned Certificate" it will be issued…
-
@erenouf you can't, the only option is to feed an external syslog with the events and do the alerting over there. This was discussed in the past: https://community.sonicwall.com/technology-and-support/discussion/5488/port-scan-detected-how-to-whitelist —Michael@BWC
-
@Community Manager do you mind to chime in and provide some info about the state of TSA and DC? —Michael@BWC
-
Steph, best of luck with your TSA journey, it seems DC and TSA are the forgotten childs. It's very hard to argue with a customer to deploy such outdated software components. I had trouble getting it to work with Windows 2022, but I'am not sure at this point if it was TSAs fault.…
-
I guess you should contact your SNWL rep for this, because having so much Rules isn't the usual thing we deal with every day. How is the TZ 400 behaving considering this kind of configuration? I checked on TZ 470 - 670 and it comes with 2775 max Rules as default and can be configured up to 12775. The NSa 2700 comes with…
-
@Larry, my TZ 670 with 7.1.3 created a 32 page PDF with more or less relevant information and a bunch of blank pages and HTML character encoding errors. Enabling the "Executive Summy only" in the Advanced options produces a 5 pager (only two pages holding information), so there is some difference. —Michael@BWC
-
Finally an official statement arrived today, MobileConnect for Windows will be removed from the App Store on February 24th 2025. NetExtender 10.3.1 will be the only option and this back and forth comes to an end. —Michael@BWC