MKTMichael 1 Posted August 26, 2022 Share Posted August 26, 2022 (edited) Hello there, our company uses ESA to secure our whole network from unauthericed access. We noticed alot of failed tries to connect into our company network from outside. I gues its a normal thing with all those hackers out there. Inside our webconsole we were able to see from which IP's those rouge access attempts came from. Our question now is: Is there also a way to find out in which way they tried to connect to our Network via ESA. Like if they tried to go over certain ports, accounts or other ways? Are there accessable logs from which we can get those informations? Edited August 26, 2022 by MKTMichael Link to comment Share on other sites More sharing options...
ESET Staff IggyPop 19 Posted August 26, 2022 ESET Staff Share Posted August 26, 2022 (edited) Hi @MKTMichael, Not sure if you are just using the Mobile App or the product. In case of product what you can do for the beginning is to access the Reports where you should see the failed attempts. My reccommendation here is go to Reports and follow similar filter as I have below: Go to Reports Select Presets - Denied Authentications In results select - Failure or Warning (investigate both) Please see my screenshots below: In case of any other questions please feel free to ask more. Hope it helps. Ingemar Edited August 26, 2022 by IggyPop Link to comment Share on other sites More sharing options...
Recommended Posts