0 Replies Latest reply on Jan 3, 2017 10:57 AM by danteoz

    ENS Web Control and allowed sites reporting

    danteoz

      I tried to search the forums for an answer but I didn't come across anything that was related that I could tell. We are running ENS 10.1.1 currently and I see it happen a lot. When I look in the ePO console for some devices I see hundreds of entries in the log for event ID 18600 and it is usually labeled as follows:

       

      Threat Source URL:

      reports.allowedSite

      Event Category:

      Informational event

      Event ID:

      18600

      Threat Severity:

      Information

      Threat Name:

      Unknown

      List Type:

      None

      Reason:

      Rating/content

      Observe Mode:

      False

      Domain:

      Allowed Green Site

      Action:

      Allowed

      Rating:

      Green

      Content:

      Uncategorized

      e-Commerce:

      Unrated

      Download:

      Unrated

      email:

      Unrated

      Annoyances:

      Unrated

      Affiliations:

      Unrated

      Exploits:

      Unrated

       

      I have double checked anything i could find and the only thing I came across was Endpoint Security Web Control : Policy Category > Options and in the Event Logging section I have turned off Log events for allowed sites configured in the Block and Allow List (unchecked).

       

      It's not a huge issue but its cluttering up logs and threat events so it's harder to narrow something down. Anyone have some insight or suggestions?