• Support
  • Forums
  • Blogs

Common Suppression Rules?

TheCyberSentryTheCyberSentry

New Life Form
Hello!

What are some of the more common suppression rules being created using the USM Anywhere product?

My team sees a TON of data from logs alone and it affects our remote users. I want to know what logs we can start cutting back on, if any?
bleslieKotresha
Tagged:

Share post:

Comments

  • sorry how it  affects your remote user?

    first thing is you need to identify authorized regular activities and you can create suppression rule based on it, 
    suppressing events from firewall for the allowed traffic, i suggest you to concentrate on devices which sends huge amount of events to USM. 

    happy to assist in case of any questions
    .
    Regards,
    Kotresha
Sign In or Register to comment.