One of our network IP has been detected to make connections to a high risk external IP. What are the reasons a source IP tries to make DNS requests against an IP that is flagged as high risk ? Also please suggest how to handle this situation.
Your previous posts have all been in Enterprise. What product is this regarding?
This is for McAfee NSM (NIPS).
Thanks. Thread moved to Network Security for better attention.