Re: how to block archive attachements that contain .exe
this should be done rather by a virus scanner (Sophos/McAfee) than by a filter, which most likely will cause some false positives. For instance, a possible approach looks like this:
Filter Condition: Attachment File Info -> File Type is: - - exe
Filter Action: Strip Attachment by -File Info -> File Type is: Compressed
This works well when there is only one attachment to a message, and that attachment is an archive with an exe file. However, in case a message comes with two attachment, where one of them is an archive and the other an exe file, the archive will be stripped.
As of June 2020, the Cisco ISE pxGrid App for QRadar Ver 1.1.0 is officially Validated and released by IBM, available for download from IBM XFE. Access the link to download app here.
The Cisco ISE pxGrid App V1.1 supports Cisco Identity Se...
i have an ip that is part of our internal network, i configured route map on the core to redirect the traffic to the firewall for further inspection.i checked the firewall logs i can see the traffic is redirect to the firewall successfully. i could ping o...
Hi, 1)May I know wht it means when context visibility Status showing 'disconnected" and '(blank)'?Difference between 'disconnected" and '(blank)'. Since both devices also not connected.I found tht these devices are no longer connected to the swi...
Hi ,I would like to configure multiple public ip (same subnet) on outside interface of ASA.I want to use static NAT for specific purpose.For example i have 8 public IP and I want to use 1 is internet ,1 for VPN ,1 for DMZ server and all ip want to a...
Hi all, Is it a way to retrieve the IPS policies from our IPS Appliance or censor? I have tried to look for a way but I am not able to do so. May I knwo any way can retrieve the policies from the Appliance either from the Appliance itself o...