This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Advanced Threat Detection flagging Akamai

Hi, on 9.707, was flagged by the ATP system tonight:

2021:08:28-19:50:28 fw named[5536]: rpz: client ( view default: rpz QNAME NXDOMAIN rewrite via

Since Akamai is normally considered a trustworthy CDN, I need more information. What is the reason the traffic is suspicious?


(home user and commercial customer)

This thread was automatically locked due to age.
Parents Reply Children
  • The bad pattern was corrected in under 11 hours.  Such notifications started coming in on 8/28 at about 11 PM EDT (UTC-0400) from about 10 client UTMs and stopped about 10 AM EDT the next day.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA