Hi, I find myself in a similiar situation. With the DNS risk set to 4 it skews the overall safety of my network, and also hides other traffic from the Top risks on the Dashboard. I could lower the risk artificially, however will this compromise the appliances reaction actual DNS packet attacks? Will the system still exam and respond to actual attempts to exploit the vulnerabilities? Is there another alternative? Do I need to add a more specific definition of a "bad DNS" packet that can be filtered on? Thanks to all who read and respond Kevin Kutzera New PA-500 administrator Seattle, WA.
... View more