This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

UTM 9 shows a Botnet/command-and-control traffic detected in Advanced Threat Protection on my SG430 firewall

UTM 9 shows a Botnet/command-and-control traffic detected in Advanced Threat Protection.

When I select the threat it takes me to the Advanced Threat Protection screen showing me the event, ip address, threat name, destination but no date.

How do  I identify if this is a recent current threat or just an old one that needs to be cleared out?

This is for an SG430.



This thread was automatically locked due to age.
Parents
  • Hi There,

    You should check Advanced Threat Protection and Firewall logs in the UTM. Please navigate to Logging & Reporting > View Log Files > Today's Log Files or check archived log files. You should also be able to see that in your Daily Executive report if you've configured one.

    Regards

    Jaydeep

Reply
  • Hi There,

    You should check Advanced Threat Protection and Firewall logs in the UTM. Please navigate to Logging & Reporting > View Log Files > Today's Log Files or check archived log files. You should also be able to see that in your Daily Executive report if you've configured one.

    Regards

    Jaydeep

Children
No Data