Virus Report

Does XG230 Firewall able to scan virus infected machines in the network? I know it protects the network via Malware Protection, how about virus if already exist on the network?

Does it show it on report? Where in report can I find machines that are infected by virus?

  • hi,


    - do you have a sophos endpoint and endpoint protection module?


    you can initially check in ATP logs which hosts tries to initiates malicious outbound connectivity.



    let us know how it goes.




  • In reply to Raphael:

    The modules only subscribed are Based Firewall, Network Protection, Web Protection and Enhanced Support.


    Where exactly in ATP logs? Where to locate the ATP?


    Im using XG230 (SFOS 16.01.0)

  • In reply to Daniel Ninofranco:


    in addition on what suggest by , on XG you can check only persistent threats inside on your networks that tries to access external C&C server, so XG can stop know attacks using ATP and IPS. Make sure to enable ATP (log and block) and restrict outbound access (do not create a firewall rule where services is any) and attach a proper IPS rule.


  • In reply to lferrara:

    Thanks Luk and xlr8. I do now understand.

    Does it have another module or subscription to enable endpoint protection or virus scanning to be enabled on XG?

  • In reply to Daniel Ninofranco:

    No Daniel. Firewall can scan and block attacks that traverse them. You need to buy Sophos Central Endpoint for protect, scan your endpoints/servers.