- CheckMates
- :
- Products
- :
- Harmony
- :
- Endpoint
- :
- Re: Mobile Access Page reported as Phishing websit...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Are you a member of CheckMates?
×- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Mobile Access Page reported as Phishing website
We run Harmony Endpoint on Infinity Portal and Quantum appliances managed with an on-premises SMS.
The Quantum cluster provides MAB SNX for remote users. (R81.20 T53).
Since last Friday, the phishing protection blade on HEP gradually started to block the MAB URL on some users and today it happened for everyone.
The question is why it happens and how can we prevent this other than going through TAC. We might have other organisations running HEP accessing such resources and creating exceptions in all tenants is impractical.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The only action you can take without involving TAC is creating the appropriate exception.
TAC will probably be needed to understand why this is actually happening.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For some reason the customer's domain got classified as "Uncategorised", I suppose the phishing module doesn't like too much seeing credential forms on such categories.
I've submitted an URL categorisation request to put it back in its correct category and it's done, I will wait some time and try again without the exception to see if it makes any difference.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi alex ,
Like the same problem as you, the quantum firewall, the site was blocking by the antivirus blade and the endpoint by the phishing blade, I had to make exceptions on the firewall and on the endpoint for the given site. If you want, I'll pass it on to you
The site was a library repository that both the firewall and endpoint were blocking
Url : linkbio.co