I recently set up a new XG firewall at our main branch location in order to assist with IPS and application control service. I am currently using the "Block high risk (Risk Level 4 and 5) apps" setting for app control.
What I am noticing is a large amount of ThunderVPN hits on our network, and I'm at a bit of a loss on what could be causing this traffic. I'm glad they are being blocked, but I wanted to see if anyone had any experience with this and what might be utilizing this service.
Our entire network consists of Dell workstations and the traffic is coming from various IP addresses, not just one machine.
Thanks in advance for any information!
Confirmed latest pattern update 18.18.62 appears to have resolved the issue, "offending" services have need re-enabled and no further hits int the logs (possibly since the previous update on 12th Oct?)…
Check the current IPS Pattern and verify, if the issue is resolved. Feel free to report back.
happens again on IPS pattern 18.18.56, please fix
please fix, wan't an issue yesterday, but has returned today. Not good QA.
Hi, I also have this issue with "IPS and Application signature" pattern 18.18.56. I Would be very glad too, if it could be fixed. Thanks a lot.
I have pattern 18.18.56 (latest update I can get) and am getting thousands of Thunder VPN app filters per day (App Filter Level 4/5 block). Happens on 18.0.5, 18.0.6, and 18.5.1. A fix would be greatly appreciated.
something very strange with this error, my NTP server is being blocked when it replies to internal time requests from some devices as well as all the external failures to different ports.