Comments
-
@shiprasahu93 thank you for your reply. I've checked - from DC to LAN zone we have rule which allows all traffic. On tab 'Advanced' in rule setting no enabled checkboxes like 'DIsable DPI' if i right understand you. So i think the best way is to open TT with sonicwall support.
-
@fmadia agree. i mean even if security services not enabled for DC zone but these services enabled for LAN zone for inbound/outbound direction. I think sonicwall should detect attack in any way. I asking because I can't formulate for the management why this was happend. Maybe we need to enable some other features which we…
-
@fmadia you are right, for DC zone Gateway AV, Anti-Spyware, IPS features not enabled. So, you believe this is the reason?
-
@fmadia, perhaps I didn't make it clear - hosts inside the local network were infected, I.e. the data was transmitted without encryption. Example of log messages from sonicwall: May 15 20:02:14 lgb-sonicwall id=sonicwall sn=XXXXXXXXXXXX time="2020-05-15 20:02:14" fw=12.7.x.x pri=6 c=1024 m=537 msg="Connection Closed"…
-
Hi @fmadia, thank you for your reply. DPI-SSL not activated(looks like it is license restriction). On hosts we have Symantec antivirus. Gateway Anti-Virus Global Settings you can find below: About MIBs - we have two monitoring systems Zabbix and PRTG and we want to monitor alerts regarding viruses in PRTG for example. Am I…