Hi,
I have a quick question about Security Heartbeat.
Imagine, you have a FW rule on your XG with Security Heartbeat enabled: green source, green destination
No user authentication required on that rule.
Now, someone not belonging to your company (not to say: a hacker) is in your building and connects her/his own (untrusted) computer to a wired network plug, received an IP via DHCP.
If there is a foreign-licensed Sophos Intercept-X software on that device, it would most likely be able to connect to Intercept-X and report a green heartbeat to the firewall.
I assume, in this situation, the computer would be granted green access to that firewall rule mentioned above, correct?
So there is no authentication in Security Heartbeat, in terminology of allowed Sophos Central accounts, correct?
This thread was automatically locked due to age.
