Several computers on my network began to display the firewall blocking alert with the description of NMAP TCP scan, but all computers in NAT protected by a Security Gateway, and these attacks start from several remote addresses, some coming from google, amazon and akamai .
But I realized that these warnings started to appear after activating the DPI-SSL feature (Deep Packet Inspection of Secure Socket Layer) that
Inspect SSL traffic When the client is on the firewall's LAN, and accesses content located on the WAN.
Really I can be suffering an attack or F-Secure may be interpreting wrongly the DPI-SSL feature?
Could you tell us is Intrusion Prevention is enabled on your end-points?
If so could you try disabling it to see if you still get alerts?
See this article on this feature.
This topic has been closed due to inactivity. If you would like to discuss this topic further, please start a new post.
You can reference this topic in your post by adding this link:
Visit the Community
Check our Forums or How-to & FAQs for advice or answers
View User Guides
Refer to our getting started guides and product manuals
Talk to our Support and get answers to your questions