I have created a File Access Control rule as follows:
- Take the following action: Monitor
- when Applications in any of the following selected classes: <Remote Clients>
- But not in any of the following selected classes: <none.
- Attempt the following operations: Write File
- On any of these files:
This rule is actually working quite well so far, but I would like to make it more precise. Is there any way I can create an Application Class for just the Admin Shares (c$, admin$, etc.)? I don't want it trippin on open Network Shares.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...