There are two IPS in place with following configuration.
But we noticed that one IPS shows the filename in threat log (setup.exe) but in other IPS the filed is empty.
Threat name: (common on both the IPS) virus/win32.wgeneric
Dynamic updates are same on both the Firewalls.
Someone let me know what's odd in here?
Solved! Go to Solution.
do you have a file blocking profile in place ?
a filename will only appear in the log where the filename is relevant
in a threat profile you are unlikely to encounter filenames as it is focussed on network layer attacks. antivirus and antispyware target 2 different types of threats so one may find something in a file whil ehte other doesn't match or finds something else
without more concrete examples of what you're facing it's difficult to give you a more solid answer
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!