Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 4 subscribers
  • Views 1466 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM: How do we check Advanced Threat Protection (ATP) case if Source IP address or host is IP address of the Sophos?

Minh Nhut Tran

Hi all,

I have a problem with Sophos SG 135.


I have two Sophos devices from different places (Office A & Office B). Office A using Sophos SG 230 and office B using Sophos SG 135.


I've already configured VPN Site-to-Site between office A and B.


Recently, I received notification email from Sophos SG 230 at the office A related to "Advanced Threat Protection".

http://www.sophos.com/en-us/threat-center/threat-analyses/viruses-and-spyware/C2~Generic-A.aspx


Especially, Source IP address or host is IP address of the Sophos SG 135 at the office B.

This is log from Sophos SG 230, both have been upgraded firmware version to 9.702-1.



Can anyone tell me what happened? Is Sophos SG 135 at the office B infected with virus?



This thread was automatically locked due to age.