Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 2 subscribers
  • Views 3087 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sandstorm activity.

MarcoTeixeira

I have a UTM 9.4 configured in Full Bridged Transparent Mode in a network. 

 

I configured sandstorm as the instructions in the link https://community.sophos.com/kb/en-us/123912 . 

 

However, i never found any suspicious file in Sophos Sandstorm statistics, what is strange since the sophos antivirus detects malware/virus/suspicios files in endpoints behind the UTM, which I control with sophos central. 

 

Is there any guideline to configure Sandstorm in a bridge mode that i didn't follow ? What can I have done wrong and how can i test  it? 



This thread was automatically locked due to age.
Parents
  • 0

    Please insert pictures of where Sandstorm is selected in Email and/or Web Protection.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Please insert pictures of where Sandstorm is selected in Email and/or Web Protection.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
  • 0 in reply to BAlfson

    Thank you for your concern.

     

    I followed the guidelene I sent in the previous post.

     

    -Here is the picture. If you need some futrher info, please ask me.

     

    Thank you

  • 0 in reply to MarcoTeixeira

    Endpoint also finds PUAs (potentially unwanted applications) - is that what you're seeing?  I guess I wouldn't assume that malware got past UTM AV and Sandstorm unless I could find where it was allowed through in the Web Filtering log.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Unfiltered HTML