We'd love to hear about it! Click here to go to the product suggestion community
Does XG230 Firewall able to scan virus infected machines in the network? I know it protects the network via Malware Protection, how about virus if already exist on the network?
Does it show it on report? Where in report can I find machines that are infected by virus?
- do you have a sophos endpoint and endpoint protection module?
you can initially check in ATP logs which hosts tries to initiates malicious outbound connectivity.
let us know how it goes.
In reply to xlr8:
The modules only subscribed are Based Firewall, Network Protection, Web Protection and Enhanced Support.
Where exactly in ATP logs? Where to locate the ATP?
Im using XG230 (SFOS 16.01.0)
In reply to Daniel Ninofranco:
in addition on what suggest by xlr8, on XG you can check only persistent threats inside on your networks that tries to access external C&C server, so XG can stop know attacks using ATP and IPS. Make sure to enable ATP (log and block) and restrict outbound access (do not create a firewall rule where services is any) and attach a proper IPS rule.
In reply to lferrara:
Thanks Luk and xlr8. I do now understand.
Does it have another module or subscription to enable endpoint protection or virus scanning to be enabled on XG?
No Daniel. Firewall can scan and block attacks that traverse them. You need to buy Sophos Central Endpoint for protect, scan your endpoints/servers.