Are you a member of CheckMates?
×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Hi All,
Recently, our group of companies merged their IT department.
Upon checking the logs of the other's company firewall I have noticed below:
Does this mean that the IP stated on the logs are infected? Or user simply just visit websites that has a lot of adware?
I have noticed also that the destination is Google DNS. Am I having a wrong impression here? Since the action is tag Detect, others are Prevent, I'm kinda worried here since our other firewall doesn't have this kind of logs (DNS reputation) even the DNS trap is On.
Version is R80.40
PS: I'm new in the security field, I'm currently having a hard time grasping all the information regarding fw logs and stuffs.
Hope you can help me clear things up.
Hi Val,
What confuse me is that the destination is Google DNS. Also the action is mixed Detect and Prevent.
