Good Day fellows I'm having alerts from the IPS rule 1:47567, the source is a cloud server outside the company and the destination is a internal user from the department of finance, this is happening when he was doing some financial reports. I would like to filter the Source IP address on the IPS rule instead using the Whitelist. My concern is I'm using the Whitelist feature, I'll open a security breach with the MALWARE-CNC Win.Trojan.Zegost. Thank you.
... View more
