Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Seeing a ton of variations of this source being blocked to endpoints on 2 of our MX'sSource: a23-48-99-86.deploy.static.akamaitechnologies.com - 23.48.99.86:80Destination: network laptopsBlocked - Microsoft wimgapi LoadIntegrityInfo heap buffer over...
This destination got blocked:dns.sse.cisco.com208.67.222.222:443OpenSSL SSLv3 large heartbeat response - possible ssl heartbleed attemptand caused all kinds of connection issues today, once I whitelisted it, everything that was broke was fixed..so fa...
Seeing some AnyConnect VPN rogue IP’s trying to connect this evening, not sure if they are actually making a connection into our firewall..?example of log:Dec 1 20:22:05 AnyConnect VPN AnyConnect VPN connection event msg: Local-IP[OUR MX95 WAN IP] Lo...
anyone else not seeing any of their network's client traffic details showing up for applications, port, http content, etc. Traffic analytics details starting working again, but not clients, even if you click on a client, no details...
Getting a lot of these alerts from our main office's domain controller server and file server to a remote network.It's causing their mapped network drive back to our office not to connect.Microsoft Windows SMB2 client NetBufferList NULL entry remote ...
I actually opened a topic on this a week ago or so in this community forum, have not seen any responses of others receiving, found this post by searching Google for one of the IP’s I was seeing and Microsoft wimgapi LoadIntegrityInfo heap buffer over...
Latest response from Meraki:So from what I can see, if you are in fact not getting windows updates, it would indicate that that is what these are; however, I would reach out to Microsoft and confirm this traffic first before white listing out of due ...
From Meraki support: Microsoft wimgapi LoadIntegrityInfo heap buffer overflow attempt is further discussed here: https://blog.talosintelligence.com/vulnerability-spotlight-talos-2018-0545/Our IDS uses SNORT and Cisco Talos, this kind of traffic has ...
Response from Meraki: Thank you for reaching out to Cisco Meraki Technical Support!I would like to provide some clarity regarding the issue you experienced this morning, where traffic to the Cisco Umbrella DNS endpoint (dns.sse.cisco.com, IP: 208.67...
