<div>
Forced accept.<br />
<br />
Computer101<br />
EE Admin
</div>


<div>
<div class="content wysiwyg-content">
Hi All<br />
<br />
I am having this error in event viewer<br />
<br />
Event Type: &nbsp; &nbsp; &nbsp; &nbsp;Warning<br />
Event Source: &nbsp; &nbsp;Microsoft Firewall<br />
Event Category: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;Packet filter<br />
Event ID: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;15105<br />
Date: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 14/11/2007<br />
Time: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; 07:48:50<br />
User: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; N/A<br />
Computer: &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;TS4<br />
Description:<br />
ISA Server detected an all port scan attack from Internet Protocol (IP) address 216.250.24.64.<br />
<br />
IP address mentioned is Symantec IP address which uses brightmail feature to communicate with server<br />
<br />
My question is how can i set rule in ISA server for this IP address not to mark as port scan attack, In addition I don't want to disable port scan feature in ISA &nbsp;<br />
<br />
Thanks
</div>
</div>


Hi All

I am having this error in event viewer

Event Type:        Warning
Event Source:    Microsoft Firewall
Event Category:                Packet filter
Event ID:              15105
Date:                     14/11/2007
Time:                     07:48:50
User:                     N/A
Computer:          TS4
Description:
ISA Server detected an all port scan attack from Internet Protocol (IP) address 216.250.24.64.

IP address mentioned is Symantec IP address which uses brightmail feature to communicate with server

My question is how can i set rule in ISA server for this IP address not to mark as port scan attack, In addition I don't want to disable port scan feature in ISA  

Thanks

ISA Server detected an all port scan attack from Internet Protocol (IP) address

Software firewalls, also known as host-based firewalls, provide a layer of software on one host that controls network traffic in and out of that single machine. Most operating systems now include firewall software, but many available software firewalls include central distribution, antivirus systems and disaster recovery.

Software Firewalls

Microsoft Forefront, formerly known as Internet Security and Acceleration Server (ISA Server), is a network router, firewall, antivirus program, VPN server and web cache that runs on Windows servers. It includes identity management and protection systems, and discontinued systems for threat management and network protection, along with protection for Sharepoint and Exchange. The scope of discussions includes forward and reverse proxy, application and service publishing, virtual private networks (VPNs), outbound access rules, SSL certificates and network routing within either a single node or an highly-available array pairing.

Microsoft Forefront ISA Server

Security is the protection of information systems from theft or damage to the hardware, the software, and the information on them, as well as from disruption or misdirection of the services they provide. The main goal of security is protecting assets, and an asset is anything of value and worthy of protection.  Information Security is a discipline of protecting information assets from threats through safeguards to achieve the objectives of confidentiality, integrity, and availability or CIA for short. On the other hand, disclosure, alteration, and disruption (DAD) compromise the security objectives.