BWC

Cybersecurity Overlord ✭✭✭

Comments

  • @itdatabasemgmt according to the matrix it's possible, the other way around isn't. --Michael@BWC
  • +1 for XCP-ng, because of the whole Broadcom/VMware situation I guess some SMBs might look into alternatives. --Michael@BWC
  • @dp8 did you check with the Packet-Monitor if any packets get dropped for the involved devices? In my experience the signalling is done by Phone to PBX but the voice data is transferred between the two Phones directly. Do your Access Rules allow this? Is the default gateway set properly on the phones so they can find…
  • @MartinDT I'm not using the DNS Proxy in larger deployments because of some shortcomings, it worked well in smaller environments. 10k will be a stress test, and my gut tells me to not use the DNS Proxy on the appliance and go for a dedicated resolver solution. Maybe even a dedicated DNS Security solution would be…
  • @MartinDT I activated the Trial on my test appliance and it is doing what was expected. Did you make sure that the client is using the Firewall as DNS? Isn't your proxy rule #1 allowing the traffic before getting to the Filter Rule? --Michael@BWC
  • 😁 we can add this to the list of reasons when not finding a specific file: the file is just not on MSW (e.g. because it got pulled again); the weird sort order causes confusion (sort by date); some kind of caching issue (use incognito mode or click the refresh icon); default language for downloads is German etc. (select…
  • @Simon_Weel it was available for me, TZ and NSa all the way. Did you try a different browser or Private Mode to access MSW? Don't forget to click the refresh button in the downloads listing, it's a caching issue for sure. --Michael@BWC
  • Check the FAQ for some more information, DNS Filtering is a new a-la-carte (aka give me your money) option if you don't have APSS. --Michael@BWC
  • +1 for all of the above @preston
  • @mimiz it's a total bummer that there is no enable/disable toggle for route policies. You could create a Network Monitor Policy to a reachable destination on the LAN and select "Disable route when probe succeeds" to disable the Route if needed. This might sound a bit stupid, but this is all I could think of to make a route…
  • @Sriranjan_N_R there is no SentinelOne Agent 23.4.4.6951, it's either 23.2.2.6951 (released on Sep 4th 2023 by S1) or 23.2.4.7057 (released on Nov 21st 2023 by S1). Latest EA is 23.3.1.7037, I do not assume that there will be a 23.4 branch anymore. --Michael@BWC
  • After giving it a 2nd thought, the NAT will probably not work if 192.168.90.0 endpoints are using new and solution as gateway as well. Even having the 172.16.0.0 traffic translated to 172.16.0.100 the reply packets from 192.168.90.0 will be dropped when routed via the old solution. I don't know about how many endpoints we're…
  • @Jamie the problem will persist. Let's say 172.16.0.55 is routing via 172.16.0.100 to 192.168.90.5 and 192.168.90.5 is replying via your old solution, then you'll be stuck in the same situation. The only option I can see is that you NAT the traffic from 172.16.0.100 behind the IP of the Interface for the 172.16.0.0 subnet.…
  • @Jamie I assume you have both solutions running at the moment? Is the 172.16.0.0 connected directly with the SNWL or just with the other solution? If you have both solutions running in parallel I'm somewhat certain that DPI/SPI will break things, because the SNWL can see only half of the traffic and drops the rest. E.g.:…
  • @Jamie do the PCs need to access a share in the same subnet (which does not involve the SNWL) or in a different subnet, which would involve routing? Just drop in some IP addresses to provide a bigger picture. --Michael@BWC