Hi,
On our MX67 SD-WAN we have an Advanced Securtiy subscription. I have noticed some mails about securtiy issues with topics like MX security report for organization....
When I open them I see that the mail is about a security warning that occured e.g. 4 days earlier.
In this particular case it was a block due to a threat "OS-WINDOWS Microsoft Windows SChannel ECDH key exchange heap overflow attempt"
I think that is quite a long period between a potential incident and the actual warning.
Is there any way to get such messages earlier by default from Cisco Meraki?
Do I need 3rd party software or other Cisco Meraki software/subscriptions for that?
Do I need to tune alerts and triggers and in this particular case, what alert type should be selected?
Where can I find more documentation about this subject?
Thanks all for you help in advance.
Regards,
Frederik