Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 27 subscribers
  • Views 12865 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

What kind of data can be analyzed in Discover Mode

ShunzeLee

Dear All,

We know it's simple to enable TAP/Discover mode in Sophos XG,

but anyone knows what kind of data can be analyzed in this mode?

Host traffic?
Web/Application category?
Malware? IPS?
Or ATP?

Thanks~



This thread was automatically locked due to age.
Parents
  • 0

    Shunze,

    AFAIK SAR includes all the information that is passed to XG in terms of network and web traffic. So All the above data should be available. In TAP mode, remember that you cannot block traffic.

    You can schedule SAR even if the XG is deployed in routing/bridge or mixed mode so I would recommend you to enable it on an XG and then you can see what traffic is reported.

    Regards

  • 0 in reply to lferrara

    So you mean the TAP mode also can identify the IPS attacks?

    Even we can not specify the IPS modules, and all of the 8901 IPS patterns can be detected?

Reply Children
No Data