Ralph

About

Display Name
Ralph
Joined
Visits
55
Last Active
Roles
WatchGuard Representative
Points
10
Badges
1

Comments

  • That's exactly it Bruce. We're working on decoupling DNSWatch logging from DNS Forwarding. https://watchguardsupport.secure.force.com/publicKB?type=KBKnownIssues&SFDCID=kA42A00000016GtSAI&lang=en_US
  • Hello RClarke, DNS plays a big role in getting categorization requests out in a timely fashion. See below Kbase article with some things to check when troubleshooting the service. I would first check what other logs the service is emitting at t…
  • Hello there, Please review the Memory section on below page. It describes memory usage in detail and what numbers to monitor. ".....A low MemFree value does not indicate a problem with Firebox performance or resources. The total available memo…
    in Memory usage Comment by Ralph June 21
  • Hello Brandon, Usually indicates an incompatibility issue with the SFTP server. See similar Known Issue with Freesshd. https://watchguardsupport.secure.force.com/publicKB?type=KBKnownIssues&SFDCID=kA4F0000000fxb8KAA&lang=en_US What'…
  • Hello Doug, This file has all the ingredients to be RAR-5 format which GAV cannot detonate at this time. If you still have the sample, you can confirm using a RAR archive analyzer or if you prefer, open a support case and we'll verify it for you.…
  • Hello Darrin, No. We're just a proxy. Only Mail Transfer Agents aka email servers aka email relays are responsible for issuing NDRs (The last MTA that accepted a message for delivery). So, if an email is blocked because of a rule on the proxy, th…
  • Ah, nm, Thanks Bruce. I looked specifically for the duration=599 example. That explains why i couldn't find it. We'll get the Log Catalog updated...thanks for the suggestion.
  • Hello Bruce, It's a persistent connection. A policy match won't be logged unless a new connection is opened to the destination. If you disable/reenable cloud logging, you'll see an Any from Firebox policy match emitted in the Traffic Monitor.
  • Hello Brian, If you'd like raw data access to create your own reports that what xxup suggested is the way to go. To get an overview of activity on a Firebox, check out the Executive Dashboard. You can compare data historically by adjusting you…
  • Hello, If you have limited Traffic Monitor real estate, you can hide parts of logs that you're not interested in by changing their display colour to black. Right click / Settings / Traffic Monitor tab.
  • Hello Bruce, FWAllowEnd logs are emitted behind the scenes to your log facility (eg. Dimension) to indicate an end of a connection. The duration value is logged in seconds. Could I get you to provide a direct link to that Log Manager page ? I search…
  • Hello Doug, By default, Dimension will utilize 95% of the data disk at which point it'll start to purge the oldest log/reporting data. During deployment, 20% of the data disk is reserved for temp reporting tables and database maintenance. With th…
  • Looks like a left over directory from a failed backup. Can you try removing it and re-attempt another backup for the same time period.
  • Hello Greg, See below kbase article on how to best protect your network against malware. https://watchguardsupport.secure.force.com/publicKB?type=KBArticle&SFDCID=kA2F0000000QBnRKAW&lang=en_US
  • Hello Greg, There's a separate GAV action to handle password protected attachments. Set the 'When content is encrypted' action to Allow to avoid password protected attachments from getting locked.
  • Hello Greg, Apply spamBlocker actions to outgoing SMTP traffic to stop spam from leaving your network. Ensure incoming web and SMTP traffic is filtered by WatchGuard Subscription Services. See the following kbase article: https://watchguardsup…
  • Hello Greg, Sure can. Setup an SMTP proxy forwarding rule for your internet based SMTP traffic to the cloud service. See kbase article for more details: https://watchguardsupport.secure.force.com/publicKB?type=KBArticle&SFDCID=kA2F0000000…
    in Webmail spam Comment by Ralph May 2018
  • Hello Greg, The default Dimension web server certificate is generated by the WatchGuard Agent and the certificate's Subject does not include any verifiable information. Your web client would not be able to validate the chain of trust even if you …