Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 5 subscribers
  • Views 6470 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Need guidance to verify my firewall rules are ok? Had intruder?

JohnKenny1

Ive been using Sophos UTM for 2 years now but last few weeks ive detected an intruder on our lan, the AV isnt picking anything up but Alienvault is.

Can someone check my rules?

I have IPS & ATP setup too for just the Internal network.

Where is my hole?



This thread was automatically locked due to age.
Parents
  • 0

    "I have IPS & ATP setup too for just the Internal network."

    Please show pics of these configs, John.

    "After setting up Alienvault it found hosts i dont recognise but cant see how there running if there not on any machines?"

    Please show an example or two.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    "I have IPS & ATP setup too for just the Internal network."

    Please show pics of these configs, John.

    "After setting up Alienvault it found hosts i dont recognise but cant see how there running if there not on any machines?"

    Please show an example or two.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML