Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 6 subscribers
  • Views 2161 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

windows update server is triggering Advanced threat protection...what to do?

jwerner

Not an expert in firewalls at all.  But we are on a UTM 9 system and the advanced protection is throwing up a fit.  IP address is 209.197.3.8.  From what I can tell this is a standard windows update server. We have Crowdstrike on our servers as well and they are not complaining at all. 

Not sure what to do.  Should I create an exception?  Did this IP get reported "in error" and I have to just let it work itself out?  Is there potentially a threat?

192.168.0.2 C2/Generic-A 209.197.3.8 16 AFCd

Ideas?



This thread was automatically locked due to age.
Parents
  • 0

    Hi,

    I have moved your post to the UTM forum. Please provide more details about your UTM installation eg firmware version.

    Ian

    XG115W - v20.0.1 MR-1 - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

Reply
  • 0

    Hi,

    I have moved your post to the UTM forum. Please provide more details about your UTM installation eg firmware version.

    Ian

    XG115W - v20.0.1 MR-1 - Home

    XG on VM 8 - v20 GA

    If a post solves your question please use the 'Verify Answer' button.

Children
Unfiltered HTML