12-12-2018 08:44 AM - edited 02-21-2020 08:34 AM
I have users trying to access a host that is showing up in FMC events with "red" computer icon which means compromised. The action is allowed in the event log. I have also added this host to bypass the sfr and i still the client getting tcp resets to this host from splunk. How do I fix this?
12-12-2018 09:47 AM
12-12-2018 10:01 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide