IAM - ANTIPROXY False detection

syedjahanzaib Lv1Posted 23 Apr 2020 17:23

anti proxy feature is doing false detection on client pc's. mostly false detections are "Freegate" & "tor"
whereas on client pc windows 10 (which are our domain workstation) doesnt have anything suspicious in it. all clients have SEPM latest update with IPS, + malwarebytes installed & daily scanned. but still sangfor FALSE detection created headache and as a workaround we had to disabled it.
IAM should improve its detection method.

Fitz has solved this question and earned 10 coins.

Posting a reply earns you 2 coins. An accepted reply earns you 20 coins and another 10 coins for replying within 10 minutes. (Expired) What is Coin?

Enter your mobile phone number and company name for better service. Go

First of all, we are very sorry to give you and your business an uncomfortable experience.

We are currently working hard to improve IAM's anti-proxy capabilities, and will also provide troubleshooting tools in the next version. In order to ensure that the problem can be solved quickly when misjudgment occurs.

Before the release of the version, we suggest that you can add this pc to the anti-proxy trust list to ensure that it will not affect your company's normal business.
Is this answer helpful?
Fitz Lv2Posted 24 Apr 2020 13:31
  
First of all, we are very sorry to give you and your business an uncomfortable experience.

We are currently working hard to improve IAM's anti-proxy capabilities, and will also provide troubleshooting tools in the next version. In order to ensure that the problem can be solved quickly when misjudgment occurs.

Before the release of the version, we suggest that you can add this pc to the anti-proxy trust list to ensure that it will not affect your company's normal business.
syedjahanzaib Lv1Posted 24 Apr 2020 13:41
  
Thank for the reply. for the time being we can allow users but we have large number of users / guests. & what if the trusted users actually try to use proxy & he will be allowed because we added him in the TRUST list.
any ways hopefully this will be sorted in new firmware.

the most dangerous portion of this IAM device in our corporate pharmaceutical company is that IAM is using SMB v1 and this year when our audit will be conducted we will face lots of negative marks and we will have not much to defend the sangfor IAM. kindly focus on the baseline security part.

I Can Help:

Change

Moderator on This Board

1
3
5

Started Topics

Followers

Follow

Board Leaders