Non-compliant HTTP and DNS log aggregation

Support Center > Search Results > SecureKnowledge Details

Technical Level

Solution ID	sk73240
Technical Level
Product	IPS
Version	R75.45, R76, R77, R77.10, R77.20, R77.30, R80.10
Date Created	24-May-2012
Last Modified	18-Mar-2018

Solution

Non-Compliant DNS and Non-Compliant HTTP IPS protections may be triggered by a Benign application (Non Malicious Application) implemented not according to protocols' standards.

When such an application resides in a network, non-compliant DNS / HTTP IPS protections may be triggered by each connection coming from/to this application, and as a result may flood logs.

In order to avoid the flood, the logs are aggregated and are sent to the Security Management server once every 10 hours.

Give us Feedback

Please rate this document

[1=Worst,5=Best]

Comment
	Submitting rating