Hello,
I'm wondering if somebody would be able to tell me whether AMP on an MX64W would block malicious content coming through a remote computer that is accessing the network using a Client-VPN?
Cheers,
Will
I don't know.
AMP does not run on AutoVPN connections. My guess is it doesn't run on any VPN connections.
That was one question I asked a Meraki Engineer on last years CiscoLive. There I was told that it's only for native downloads from the internet to an internal client.
That's a shame, would be nice to have. Thanks for your response.
I did some more tests and it seems that the mentioned statement is not valid (or not valid anymore, I did these tests on MX 15.33):
I installed a new web-server on my server-LAN and placed the eicar test-files in the Web-directory.
EDIT:
Later ... (you should not do tests like these while doing parallel other stuff)
Only Test1 was an AMP-Block, the other events in the Security-Center came from IPS as there is also a signature for Eicar.