I never had an issue with Android before so I just got this from the ATP.
The site says "Instead it indicates Sophos products blocking network traffic (reputation or IPS filtering) to a remote machine believed to be a C&C server for the Android malware/PUA."
But looking at the picture, it seems it is just blocking all Android because of the user agent. So ATP doesn't know why IPS is blocking it, just that it did. Is this correct? I don't have to look for a control app. I went ahead and disabled the ruleID.
C2/Android-A - Viruses and Spyware - Threat Analysis - Threat Center - Antivirus, Endpoint, UTM, Mobile, Email, Server, Disk Encryption, and Web Security | Sophos