What is IP Reputation Hits in SecuReporter App?



I use a genuine Windows 11 OS on my laptop. I have installed an ATP200 firewall with the latest firmware in my office, and I have noticed slow WiFi connections. So, I configured my laptop WiFi with a static IP instead of the usual DHCP IP.
My problem:
Whenever I browse through various websites, mainly for customer support, there are times when I encounter bad websites with plenty of adverts.
Lots of them get blocked by browser-based blocking apps, but the Zyxel firewall sends a security alert email to my mailbox like this:
Alert information:
Timestamp: 2023-01-01 10:30:00
Category: Network Security
Event Type: IP Reputation-Outgoing
Severity: High
Alert Message: IP Reputation detect <my mapped ip address> is connecting to threat IP 50 times (exceed threshold 1 within 60 minutes)
And in SecuReporter, it displays the Threat category as Botnets, pointing to some IP address. Action - Access Block.
But if I use Ubuntu Linux OS on my laptop, none of these issues are there at all.
My Query: What is IP reputation? Does it translate to a Malware/Virus infection in the endpoint? How can I work backwards to identify the rogue application or rogue device within the network?
I have not been able to find any write-up on the various security indicators in the Zyxel Firewall. Any technical KB would be of great help. A clarification will be helpful too.
Regards | Kinshuk
All Replies
Hi @Kinshuk_Tech,
Greeting Forum,
IP reputation checks the reputation of an IP address from a database. An IP address with a bad reputation is associated with suspicious activities, such as spam, viruses, and/or phishing.
You can find more details in the User Guide at page 712.
If other devices don't hit IP reputation, please check that Win11 laptop to find which process/application is trying to visit, by PID.
Thank you
Kevin0
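
One way to do the PID lookup suggested in the reply above, as an added example that is not part of the original thread or Zyxel's own tooling: a PowerShell loop that watches for TCP connections to the IP shown in the alert and logs the owning process. The IP `203.0.113.10` is a placeholder, and the parameter names and log path are assumptions; substitute the threat IP reported by SecuReporter.

```powershell
# Added example. Run in an elevated PowerShell session on the Windows 11 laptop.
param(
    [string]$ThreatIp = '203.0.113.10',   # placeholder: use the IP from the alert
    [int]$Minutes     = 60,               # matches the alert's 60-minute window
    [string]$LogPath  = "$env:TEMP\ip-reputation-hits.csv"   # assumed location
)

$seen     = @{}                            # de-duplicate on PID + local port
$deadline = (Get-Date).AddMinutes($Minutes)

while ((Get-Date) -lt $deadline) {
    # Connections blocked by the firewall still show up briefly as SynSent.
    $conns = Get-NetTCPConnection -RemoteAddress $ThreatIp -ErrorAction SilentlyContinue
    foreach ($c in $conns) {
        $key = "$($c.OwningProcess):$($c.LocalPort)"
        if ($seen.ContainsKey($key)) { continue }
        $seen[$key] = $true

        # Resolve the PID to its executable, command line and parent process.
        $proc = Get-CimInstance Win32_Process `
                    -Filter "ProcessId = $($c.OwningProcess)" `
                    -ErrorAction SilentlyContinue

        # An unsigned or unexpected binary is the first thing to look at.
        $sig = if ($proc.ExecutablePath) {
            (Get-AuthenticodeSignature -FilePath $proc.ExecutablePath).Status
        } else { 'n/a' }

        [pscustomobject]@{
            Time        = (Get-Date).ToString('s')
            State       = $c.State
            LocalPort   = $c.LocalPort
            RemotePort  = $c.RemotePort
            PID         = $c.OwningProcess
            ParentPID   = $proc.ParentProcessId
            Name        = $proc.Name
            Path        = $proc.ExecutablePath
            CommandLine = $proc.CommandLine
            Signature   = $sig
        } | Export-Csv -Path $LogPath -Append -NoTypeInformation
    }
    Start-Sleep -Milliseconds 500   # polling can miss very short-lived attempts
}
```

This covers TCP only. If the log stays empty while alerts keep arriving for the laptop's IP, check whether another device is using the same static address.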