Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
larry
Explorer

How to defend DGA attack

the cyble states or situation awareness has reported this dangerous domain-name. 

Users can access my localserver through this DGA domain-name.

And the traffic came from outside, so what I should do with the Security Gateways?

I have add a TP strict profile to the local server, anything else?

0 Kudos
Reply
4 Replies
_Val_
Admin
Admin

First and foremost, do you have Anti-Bot active in your TP profile?

0 Kudos
Reply
larry
Explorer

yes, AB IPS AV all active.

I think the DGA does not stand for the attack has occurred, for the worst I enabled the IPS ,AB,AV blades for the local server.

0 Kudos
Reply
PhoneBoy
Admin
Admin

A TAC case is probably a good idea here.

0 Kudos
Reply
_Val_
Admin
Admin

Second that

0 Kudos
Reply