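Because there are few intranet users and devices, our protection focuses on external access. However, the intranet's status-monitoring, vulnerability-scanning and similar devices frequently trigger alerts and generate a pile of attack logs, which makes it hard to monitor and find real external attack activity.
We suggest adding attack-log filtering based on IP groups, with preset IP groups added for intranet addresses and for Internet addresses respectively.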
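The protection requirements for internal and external networks do differ considerably. We suggest considering separating the two at the network-design level. For example, have intranet users also access through the external entry point, whitelist the status-monitoring, vulnerability-scanning and similar devices, or block the intranet channel outright.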