Video Screencast Help

Inbound Traffic

Created: 16 Jul 2010 • Updated: 16 Aug 2010 | 2 comments
This issue has been solved. See solution.

Where can one configure thier Vontu so that they only see incomming traffic and not every attempt at junk mail?  This is just for the SMTP side.

Comments 2 CommentsJump to latest comment

Naor Penso's picture

I do not know what is your network topology, but the network monitor will see whatever ports you would mirror to it.
First of all i would not put the Network Monitor outside the network (it sounds like the Network Monitor is located before the DMZ and you receive a lot of junk mail). The network monitor should be after the firewall connected to your "internal" backbone.
Now if you have an idea what ports on the backbone are going outbound and which ports are going inbound, you could mirror only those ports that go outbound (outside the organization).

You could also "Ignore" all external IP's from the sender IP field, BUT it would mean that all of the incidents would arrive to the Enforce and it would drop them, and it would still use a lot of RAM and network traffic.

Kind Regards,
Naor Penso

For Forum threads, please click "Mark as Solution" if answered.
For all content, please give a thumbs up if you agree with or support the post.
Thanks :)

SOLUTION
Dan Tanna's picture

Wow, thanks Naor!  I am going to go look now.