My dashboard regularly shows botnet/command and control traffic detected. It is always BYOD hosts that cause it to trip. I understand protocol is to take these devices offline and scan them for viruses, but I would really like to know if there is anything I can do to limit and/or prevent it from happening in the first place by blocking something either via Application control, web filtering or firewall rules.
Most of the time, the hosts are cell phones. A lot of the destinations are to vultr.com, which appears to be a VPS service. Any advice is appreciated.