Jump to content

GreggG

Members
  • Posts

    5
  • Joined

  • Last visited

About GreggG

  • Rank
    Newbie
    Newbie

Profile Information

  • Location
    USA
  1. Thanks Marcos...so it its its not an attack and everything is happening on the internal network. Should i create a rule to ignore the local traffic.
  2. We have Endpoint Security installed on our laptop users out in the field. Today, he received the alert: ARP Cache Poisoning blocked source 10.0.0.154 and target 10.0.0.154. I'm not sure how to tell if its legit or if its a false positive. Any help appreciated. Gregg network log.txt
  3. If the cleaning option was set to strict, the files would still move the to quarantine.
  4. I'm configuring the options for file security 6.5 through RA. I go into the policy and under threatsense parameters i see no cleaning, normal, and strict. How can i have threats go to quarantine. Then I can check to see if they are legit or not. Or should I. I had a problem with potentially unwanted software causing false positives and it deleted those files. I shouldn't have a problem with that again since it already deleted them. What;s the best practice for a sever setup. thanks
  5. Hi, My policies seem to be getting overwritten. Here's what I did. I went into policy mgr and created a new empty policy. I configured it the way i wanted and saved it. (If i go in and view policy, it looks good) I add clients, then check their configuration and it shows everything with blue (like everything was changed) or like it was merged. I tweaked the thescheduleld jobs and now there seems to be more and doubles of some of them. I can't find the issue. What am i missing? Only 1 server handling the policies thanks, Gregg
×
×
  • Create New...