Not an expert in firewalls at all. But we are on a UTM 9 system and the advanced protection is throwing up a fit. IP address is 209.197.3.8. From what I can tell this is a standard windows update server. We have Crowdstrike on our servers as well and they are not complaining at all.
Not sure what to do. Should I create an exception? Did this IP get reported "in error" and I have to just let it work itself out? Is there potentially a threat?
192.168.0.2 | C2/Generic-A | 209.197.3.8 | 16 | AFCd |
Ideas?
This thread was automatically locked due to age.