BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
@JSchultz did you checked with SNWL that your SFP Module is supported? What Module are you trying to use, maybe someone else already has some knowledge about it. This KB-article isn't mentioning the NSa 2650 at all. UPDATE: NSa 2650 is listed, I checked the wrong column, thanks @JSCHULTZ --Michael@BWC
-
@solmssen I checked a few instances and wasn't able to see these specific detections. Did you activated the logging of the URI to figure out what caused this? With this information you could download the file and provide it or the URL to VirusTotal for a 2nd opinion. It might be a false positive and can be excluded for the…
-
@Jeong where did you found scconsole_1.1.gz? I see only scconsole_1 which is a text file when downloaded from Device / Settings / Storage / Files / Diagnostic Data. --Michael@BWC
-
Then two Network Objects covering these /20 and /19 subnets sound reasonable. --Michael@BWC
-
@LewisAofM two IPs sounds a bit static, when you can make sure they do not change you should be golden. If you can limit them by FQDN this would be the way I prefer (if there are names for it). Security-wise limiting the Destination IPs is the best approach. --Michael@BWC
-
@LewisAofM you can't use the Source Ports in the Access Rules, it has to be the Service (Destination Port) because there sits the Service listening to it. You probably never need to set the Source Port because it's usually random. --Michael@BWC
-
@JonathanStone I prefer not to disclose under which hostnames my customers provide this service. But IMHO there is no good or bad choice. Just select a hostname which fits your needs and your users are able to relate with. If you like to manage your Firewall with the same Certificate you could use the location (or some…
-
@TKWITS Gen7 for the win then :) - thanks for checking. --Michael@BWC
-
@Larry because it's boundless, I can select Secondary as Logs on Storage Device, which is weird, because I don't have any. Considering the fact that the deployment is live and very delicate I don't like to tinker around. --Michael@BWC
-
@HKDude what firmware is installed? If it's an older one try updating via Safe Mode first. Besides all that I don't have another idea. --Michael@BWC
-
@HKDude I've seen such thing when using Google Chrome in the past, try Firefox - or vice versa, can't recall. If it's not that, are you sure it's really factory resetted? --Michael@BWC
-
@Enzino78 AFAIK VxWorks is no longer in the mix for Gen7, dunno if there is such a thing like a VxWorks based Hypervisor. I did not know that there is some form of isolation until 10 days ago. The SonicOS itself is Linux based, IMHO using OpenDataplane and OpenFastpath for the network magic. But little to nothing known…
-
@Enzino78 the mystery is still unsolved, no feedback from SNWL so far. It's a NSa 4700 and up thing, that's all we know so far. --Michael@BWC
-
@Daveberts @Nat same here, but I see these alerts only on the Secondary Unit of a HA deployment. --Michael@BWC
-
Nevermind, the Secondary Unit was running on an older Firmware for an unknown reason, I'am sure that I did the sync, but it seems that it was not working and I wasn't paying attention. After a while the Secondary Unit freaked out and booted into Safe Mode by it's own, this was the moment when I realized the Firmware…