BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
Thanks @JohnStevo for the information and clearing this up with Support. Noone at SNWL saw the need to chime in here. Let's sit back, wait and hope for the best. --Michael@BWC
-
Hi @rgrking I checked on my installation at home and the check was not complaining about any restrictions: https://www.youtube.com/check_content_restrictions I double checked, when activating in the CFS Policy on my Firewall it showed that I'am in restricted mode. But it seems it does now honor 'Enforce behind SonicWall…
-
Hi @Halon5 the last experience was more with Temporary Errors (whatever that means), running the latest avilable 10.0.9 release. If TOC is causing "Body Hash Mismatch", this would be plain stupid, DKIM checks have to be done before altering the mail. But who am I to judge. --Michael@BWC
-
@Micah et al. the gifted 60 day WAF license is going to expire in a few days. Does the SMA still needs it to protect itself or are we "good" to run it without it? --Michael@BWC
-
How to follow this advice SNWL? --Michael@BWC
-
Hi @JanSkod I have no stressable data for you, but if you're seeing the same IPs over and over again causing many connections I guess it would be IMHO better to have them blocked before GeoIP checking them. I would probably block whole networks instead of single IPs if they are coming from the same block. If you're doing…
-
Is disabling TLS v1.2 and having only TLS v1.3 a valid mitigation until a fixed Firmware is available, because it seems to be TLS v1.2 related? --Michael@BWC
-
@ThK ... well my CC is good for another 2 years, maybe I'll see any migration from 3.1 to 3.6+ done in this period of time. The other pending Migration from CSC-MA to NSM is another example of Announcement vs. Reality. Your migration to the new Network Security Manager 2.0 is coming soon. We will notify you as soon as its…
-
You brave Soul :) ... outdated S1 Engine still a bummer though. --Michael@BWC
-
Hi @David W because a HES customer complained today that Mails got stuck in the Capture Box for a longe time. Therefore I would like to raise my questions from above again, maybe you might chime in or anyone who has some knowledge about it. --Michael@BWC
-
Hi @SonicAdmin80 on a new deployment (don't ask me why) I experienced Temporary Errors for DKIM today. This could be caused by DNS who knows. But even more strange is the fact that the first Mails with this Error (coming from Microsoft 365) are treated as Threat Likely Spoof with Action to Junk Box. But after a few more…
-
Hi @Darshil you can have multiple Domains assigned to your Portal, therefore you could you use LDAP as a Backup by manually selecting the Domain when logging in. This might be confusing for endusers and maybe bypasses MFA alltogether. In your case I would try to have the Radius be redundant if possible and necessary. Is…
-
Hi @Darshil the Backup Radius Server is no option for you in that case? It should be contacted if the Primary Radius Server fails. May I ask if you're doing Challenge/Response with your SMS OTP inside the Radius server or are you using the SMA onboard functionality? --Michael@BWC
-
Hi @David W could you please give a short statement to my question above, I would highly appreciate this. And one follow-up, would it make sense in on-premise scenarios to raise the CRA Timeout (or any other Value) or are we screwed no matter what when the job is not done in 30 Minutes? Thanks in advance, Answers getting…
-
Hi @Grady0298 my usual approach is to bind a customers LAN ip address as secondary address to the system from which I'am doing the Configuration. Attaching X0 to my LAN or Configuration network. Depending what kind of Connection the customer is having, if DHCP on the WAN I'll connect X1 to my LAN (Configuration) as well to…