[119:4:1] http_inspect: BARE BYTE UNICODE ENCODING [Impact: Potentially Vulnerable] From "GWxxxxxX " SERVER at Tue May 18 18:45:25 2021 UTC [Classification: Not Suspicious Traffic] [Priority: 3] {tcp} 10.12.3.78:56181 (unknown)->10.12.19.20:80 (unknown)
Getting these email alerts back to back. Seems to be coming from a VDI host.
This is a user VLAN in the VDI network. Can't block this connection. Need to dig more into this.
Please advise as to what should be the next step from a security prospective.