Testing the WatchTower App, Statistics page started showing a strange attack:
But IPS Protections do not include this attack ! But we have an SK to the rescue: sk36869 "TCP segment with urgent pointer. Urgent data indication was stripped. Please refer to sk36869." log in SmartView Tracker / SmartLog
This includes a hint for Locally Managed 600 / 700 / 1100 / 1200R / 1400 appliances - and look where this is hidden:
It is the TCP streaming engine, stupid 😅 !
CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist