unable to successfully enable Sophos UTM9 Sandstorm. What's missing ?

Hello,

I have licensed and activated "Sophos Sandstorm" in "Sophos UTM9 9.409-9",
but even after downloading malicious files, the Sophos Sandstorm does not report
any activity. What's missing ? How to activate and test Sophos Sandstorm ?

To activate I have done the following:

1. Enabled Licensing: sandstorm.
2. Web Protection: Web Filtering Actions:
Checked: Use Antivirus Scanning
Checked: Dual Scan
Checked: Refer suspicious items to Sophos Sandstorm
3. Email Protection:SMTP: Malware Scanning:
Checked: Malware Action: Quarantine
Checked: Dual Scan
Checked: Enable Sandstorm
4. Checked: Daemon /var/chroot-http/usr/bin/sandboxd is running
5. Checked: ping sandbox.sophos.com
6. Checked: telnet sandbox.sophos.com 443
7. Checked: System Settings: Single Scan Engine: Sophos
8. Checked: Send suspicious content to SophosLabs for analysis

 

Test to download malicious software from
http://sophostest.com/
www.sophos.com/.../sandstorm-test.aspx


But still:
- No Entries in sandboxd.log
- In Dashboard: Sandstorm: 0 malicious items detected
- Advanced Protection: No Activity reported from Sophos Sandstorm Activity
- No sandstorm Activity reported in /var/log/smtp.log
- No entry sandbox in http.log
- No entry sandstorm in smtp.log

What's missing ? How to successfully activate and test Sophos Sandstorm ?



This thread was automatically locked due to age.
  • Hallo Andre and welcome to the UTM Community!

    Let's hope one of the Sophos folks shows up to answer your question. My lab UTM reports both links in sophostest.com triggered a send to Sandstorm but that they were not malicious. I guess that Sandstorm is smarter than the tests. :)

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA