BWC Cybersecurity Overlord ✭✭✭
Reactions
Comments
-
Well, I guess this issue got analyzed very well (for free) and a fix should be imminent. Thanks @Larry @Nat --Michael@BWC
-
CVE-2021-45046 got a bump from 3.7 to 9.0 ... still ignoring? --Michael@BWC
-
@Layne IMHO this is not possible, currently Radius and Duo is supported. You might accomplish this with Radius. If you wanna do me a favor, please don't ask SNWL to implement this natively, they broke Radius real hard by implementing Duo and it took forever to have it fixed. 😬 --Michael@BWC
-
@Richard_Anderson one indicator that you can't see any hits on the App Rules might be that Client DPI-SSL is disabled? --Michael@BWC
-
@Craig_S on Firewalls you have to enable Client Autoupdates, on the SMA it's a bit different. You have to enable the option "Allow Client Turn Off Auto Update" AND then you need to disable Auto Updates in the NetExtender itself. IMHO it's not a good way how it got implemented, because it needs interaction on all relevant…
-
Even a CVSS 3.7 which could lead to "just" a DoS attack should be fixed ASAP, at least in my opinion. log4j 2.16 is available and 2.15 is incomplete, doesn't sound that hard to do. Customers are not that happy seeing their SMTP gateways at any (avoidable) risk. No word from SNWL if they removed the JndiLookup Class…
-
@MikeBMiller AFAIK the integrated MFA is not working, see this discussion over here: I'am not a big fan of the integrated MFA, if you have a chance I would go Radius anytime. --Michael@BWC
-
@orttauq as a SentinelOne and SonicWall Partner I would compare CC at least with Control (at the moment) ... @SuroopMC mentioned that RemoteShell will be added later (CC 3.7+). Device Control is included, but Rogues are missing. After inspecting the S1 config on a running CC I would say Deep Visibility is not enabled,…
-
I can confirm no more cloud backups since 6.5.4.9, even a manual cloud backup does not show up. Checked on a TZ 400 and NSa 2650. Error: Failed to upload preference backup file. [Cloud service connection failed [-11]] A NSa 2650 is acting a bit weird, no updates for months, this might be some other story. Time 13:08:55 Dec…
-
And maybe another patch will be necessary, we'll see. Second Log4j Vulnerability (CVE-2021-45046) Discovered — New Patch Released (thehackernews.com) --Michael@BWC
-
@C_Z I feel you and this is what I expected from a vendor in the first place. If blocking HTTP/S is the one and only needed mitigation until a fix is available everything would be somewhat fine. But not knowing if the essential SMTP service is at risk causes some anxiety. But this might be corporate policy, in retrospect…
-
@pmelchiori I checked on a TZ 670 running the latest 7.0.1 build on Firefox and there was no problem to filter on IP or MAC address. Maybe it's a browser issue (again)? Update: all good in Google Chrome as well. --Michael@BWC
-
@tbrame @C_Z you can't expect fast and accurate information of another CVSS 10 these days 😪, I'am sure behind the scenes SNWL is working hard on this, but as usual not very communicative to the outside. Friends don't let Friends hanging in the dark. --Michael@BWC
-
@pmelchiori AFAIK there are no OIDs per Core available for SNMP, the overall 3 CPU usage metrics are OK but insights might be limited if you have no way to see if there are only a few of the available CPU cores are maxed out. This might have an impact on throughput if the load is not shared across all cores. --Michael@BWC
-
@Rave_Romero12 what I meant was that the hash-based block has to be done on the Users Computer, I can't see any way to accomplish this on the Firewall at the Perimeter. --Michael@BWC