Im seeing this event in my CSAMC. Can someone tell me what it is doing and should an exception be created for this?
The 'Alert Manager Event Interface' service logged event code 257 into the application event log: VirusScan Enterprise: Would be blocked by behaviour blocking rule (rule is currently in warn mode) (warn only mode!).(from COMPUTERNAME IP x.x.x.x user SYSTEM running VirusScan Enter 8.0 OAS)
Hey Tom, in doing some additional research turned out that our McAfee agent lost communication with the ePO server. That message that I was seeing was probably a notification of just that, cant establish comms with the server.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...