- Access exclusive content
- Connect with peers
- Share your expertise
- Find support resources
02-04-2013 10:46 AM
We have our PA-500 setup on our company's public network. This network is used by employee's personal machines and clients machines when they come into our office.
We have run into a few situations that we can see someone is most likely infected as the machine has been profiled by the PA-500 as transmitting threat traffic. The problem is we only have an IP address of the machine that is doing the talking.
Wondering if there is a way to get things like hostname, OS and version or any other easily identifiable information to find the infected machine.
Thanks
02-04-2013 11:39 AM
SInce you are handing out IP addresses via DHCP, you will have the Mac address of the machine that is having this IP address. Apart from the MAC address PA-500 does not have any information like OS or any other information. If you have global protect in your network then PA-500 will have the information like hostname,OS, wether the machine has any antivirus software and so much other information. At DHCP level I can only think of MAC address. You can always allocate same IP to that machine based on MAC address and you can block this IP traffic.
02-04-2013 11:39 AM
SInce you are handing out IP addresses via DHCP, you will have the Mac address of the machine that is having this IP address. Apart from the MAC address PA-500 does not have any information like OS or any other information. If you have global protect in your network then PA-500 will have the information like hostname,OS, wether the machine has any antivirus software and so much other information. At DHCP level I can only think of MAC address. You can always allocate same IP to that machine based on MAC address and you can block this IP traffic.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!