Comments
-
Hi there. No, I haven't. But I should be able to ascertain that information without an addon or a 3rd party product, shouldn't I?
-
Greetings... I wish I had an update, but I haven't been able to circle back to this issue yet (as frustrating as it is). I'm pretty sure they're not making it through, because my Symantec clients aren't logging them.
-
Hi @Saravanan; thanks again for your attention. However, while I'm not against getting Support involved, I think I may have muddied the waters when talking about my SIEM tool. I only mentioned it because it is what enabled me to discover the problem with how my Sonicwall is logging events. So, in summary, I have two…
-
Hi @Saravanan; thanks for getting back to me. So, the plot thickens somewhat. First, a quick background: one of my SIEM tools parses out my Sonicwall logs and corelates the connecting IP addresses with known malicious IPs, and produces a "top 10" report of inbound connections from those malicious IPs, based on the number…
-
So, @Saravanan... any further thoughts or input from your colleagues? This issue is really keeping me from knowing just what is and is not getting into my network.
-
Hi @Saravanan... thanks for getting back. So, to be clear, the issue I'm having is with the _logging_, in that the logs seem to indicate that a connection was allowed ("Connection opened") when in _fact_ I know that it was dropped. In this case I'm only talking about inbound connections (WAN to LAN). In addition to Stealth…