botnet prevention

Hi,

Can we enable botnet prevention on the SFOS firewall?

Please provide any kind of info related to this.



Added TAGs
[edited by: Erick Jan at 11:46 AM (GMT -7) on 30 Aug 2024]
  • Hi, in terms of firewall settings, certain settings and features may help to prevent botnet communication/traffic while the machine is trying to connect/communicate with C&C.

    You may enable Sophos X-Ops threat feeds (ATP), enable SSL/TLS Inspection and Intrusion Prevention, block unwanted applications and web categories for machines behind the network, restrict or limit traffic for hosted servers from known countries/known public IPs, etc. Many more such things can be done in combination to increase the overall security posture of the network and prevent such botnet communication and attacks at the gateway device.

    However, apart from gateway-level settings, there are certain things one should take into consideration on the endpoint side too, like keeping them secure by installing endpoint security solutions, installing system updates and bug fixes for software and operating systems, strong passwords, MFA, etc!

    Regards,

    Vishal Ranpariya
    Technical Account Manager | Sophos Technical Support
