Hi,
I have two questions.
1. The network security reporting feature shows you a graph with violations. How can I drill down and see what the offending IP is and what ports are trying to connect?
2. Is there a way to setup the ASG to deny all outgoing unless explicitly allow for outgoing ports?
For the most part the ASG seems to be pretty good for security but I just found that one machine on the network that was connecting to the outside via port 7212, P2P out of China, without anyone's intervention or knowledge nor was it setup to do this on the machine nor the router. Obviously the machine has become compromised and is being used by a P2P site for sharing without our knowledge. If all ports were closed until opened by the administrator this initial violation would not have occurred.
I wonder how many more ports are being exploited without my knowledge?
Thanks,
Mike
This thread was automatically locked due to age.
