Hi All
We have migrated our Cyberoam to XG 135 recently. We have had logs of network attacks blocked in the Sophos console till January 13th and after that till today Zero Network Attacks
This s bit confusing to me as we were blocking many/day before that date, and all on a sudden the log showing Zero Attack prevented. Surely , I dont like to see any attacks, but i want to know whether there is no Attacks or some thing not working in my firewall
I have double checked, IPS policy is enabled on all the rules,
IPS module is enabled and working on the firewall
IPS signature updates are up to date
Current Firmware is SFOS 17.5.9 MR-9
Pattern
|
Current version
|
Available version
|
Last successful update
|
Status
|
---|---|---|---|---|
AP Firmware
|
11.0.009
|
-
|
06:24:00, Oct 30 2019
|
Success
|
ATP
|
1.0.0282
|
-
|
08:39:30, Feb 10 2020
|
Success
|
Avira AV
|
1.0.406078
|
-
|
23:14:51, Feb 15 2020
|
Success
|
Authentication Clients
|
1.0.0019
|
-
|
19:09:49, Dec 16 2019
|
Success
|
IPS and Application signatures
|
9.16.77
|
-
|
13:15:09, Feb 15 2020
|
Success
|
Sophos Connect Clients
|
1.4.001
|
-
|
14:32:34, Oct 24 2019
|
Success
|
RED Firmware
|
2.0.018
|
-
|
06:23:43, Oct 30 2019
|
Success
|
Sophos AV
|
1.0.15237
|
-
|
23:15:07, Feb 15 2020
|
Success
|
SSLVPN Clients
|
1.0.007
|
-
|
13:13:38, Jan 07 2019
|
Success
|
WAF
|
1.0.0006
|
-
|
13:13:37, Jan 07 2019
|
Success
|
Client AV was Symantec End Point Protection and We are in the process of changing them to Sophos End point Client with EDR
I have taken the support call and the Support technician is saying that the network Attacks are nil.
Below are my last month Intrusion Attacks Log
Does any of you have such issues before?, How did you rectified them
Please give me a solution
This thread was automatically locked due to age.