I am seeing a lot of connections on port 50124 and 443 from machines on a remote site that is connected to main site via VPN. They are connecting to an Altiris server but I am unclear (as I didn't set it up) as to whether they are just small pings to check in with the server or if they are files that are being transferred. The remote broadband line is slow which iis why I am investigating. The firewall on site is basic and not offering much insight. I can run a wireshark.