  • Advanced Threat Protection

    Hello, I have multiple messages in Advanced Threat Protection. 2023:06:22-03:43:37 xxx ulogd[13536]: id="2022" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped (ATP)" action="drop" fwrule="63001" initf="eth0" threatname="C2/Generic…
  • Basic Advanced Threat Protection Understanding?

    My dashboard regularly shows botnet/command and control traffic detected. It is always BYOD hosts that cause it to trip. I understand protocol is to take these devices offline and scan them for viruses, but I would really like to know if there is anything…
  • Sophos Sandstorm not working

    Hi, we are using a Sophos SG230 UTM with a Sandstorm license. The UTM is not able to send suspicious files to Sandstorm for analysis. Whenever the UTM detects a file as suspicious, it displays the following message: File requires further analysis The requested…
  • Advanced Threat Protection

    Hello, in the last couple of days I started receiving emails from my Sophos UTM (Firmware version 9.350-12): A threat has been detected in your network The source IP/host listed below was found to communicate with a potentially malicious site outside your…
  • LogonUI.exe - brute-force or massive dictionary attack - How to lock this?

    Anyone know if the Advanced Threat Analysis can block this attack that can come through the VPN Client link? I have a server that is receiving many RDP access attempts through my VPN users, but I can block RDP because I use this and the VPN user also, but…