Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Alex-
Leader Leader
Leader

Mobile Access Page reported as Phishing website

We run Harmony Endpoint on Infinity Portal and Quantum appliances managed with an on-premises SMS.

The Quantum cluster provides MAB SNX for remote users. (R81.20 T53).

Since last Friday, the phishing protection blade on HEP gradually started to block the MAB URL on some users and today it happened for everyone.

The question is why it happens and how can we prevent this other than going through TAC. We might have other organisations running HEP accessing such resources and creating exceptions in all tenants is impractical.

3 Replies
PhoneBoy
Admin
Admin

The only action you can take without involving TAC is creating the appropriate exception.
TAC will probably be needed to understand why this is actually happening.

Alex-
Leader Leader
Leader

For some reason the customer's domain got classified as "Uncategorised", I suppose the phishing module doesn't like too much seeing credential forms on such categories.

I've submitted an URL categorisation request to put it back in its correct category and it's done, I will wait some time and try again without the exception to see if it makes any difference.

0 Kudos
lluner
Advisor

hi alex ,

Like the same problem as you, the quantum firewall, the site was blocking by the antivirus blade and the endpoint by the phishing blade, I had to make exceptions on the firewall and on the endpoint for the given site. If you want, I'll pass it on to you

The site was a library repository that both the firewall and endpoint were blocking 

Url : linkbio.co

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events