Virus Report

Does XG230 Firewall able to scan virus infected machines in the network? I know it protects the network via Malware Protection, how about virus if already exist on the network?

Does it show it on report? Where in report can I find machines that are infected by virus?

  • hi,

     

    - do you have a sophos endpoint and endpoint protection module?

     

    you can initially check in ATP logs which hosts tries to initiates malicious outbound connectivity.

     

     

    let us know how it goes.

     

    regards,

    rap

  • In reply to xlr8:

    The modules only subscribed are Based Firewall, Network Protection, Web Protection and Enhanced Support.

     

    Where exactly in ATP logs? Where to locate the ATP?

     

    Im using XG230 (SFOS 16.01.0)

  • In reply to Daniel Ninofranco:

    Daniek,

    in addition on what suggest by , on XG you can check only persistent threats inside on your networks that tries to access external C&C server, so XG can stop know attacks using ATP and IPS. Make sure to enable ATP (log and block) and restrict outbound access (do not create a firewall rule where services is any) and attach a proper IPS rule.

    Regards

  • In reply to lferrara:

    Thanks Luk and xlr8. I do now understand.

    Does it have another module or subscription to enable endpoint protection or virus scanning to be enabled on XG?

  • In reply to Daniel Ninofranco:

    No Daniel. Firewall can scan and block attacks that traverse them. You need to buy Sophos Central Endpoint for protect, scan your endpoints/servers.

    Regards