This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Infrastructure category

Hello All;

I have an issue with my sophos XG firewall.

when i generate any report i found that there is a big traffic related to Category named "infrastructure" and once i open it i found Application/proto:port named "Secure Socket Layer Protocol"

I need to monitor this traffic to know which application make this traffic and close or remove it if it is harm application.

My configuration is below:

- Sophose firmware: SFOS 17.5.8 MR-8

- i have one rule that allow all http and https only

- web policy configured to allow all.

- application policy configured to allow all.

- checked "Scan HTTP" , checked "Decrypt & scan HTTPS" , checked "Block Google QUIC"

- the cert "Default" and "SecurityAppliance_SSL_CA.pem" installed on the PCs in the trusted root section.

thanks in advance.

This thread was automatically locked due to age.

Parents

0 PatrickLee over 5 years ago

Wrong forum. Try posting your question here https://community.sophos.com/products/xg-firewall/f
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 PatrickLee over 5 years ago

Wrong forum. Try posting your question here https://community.sophos.com/products/xg-firewall/f
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data