CDR Testing

Dpj
Dpj Posts: 55  Ally Member

Hello, my first post in this section… We want to set up CDR for customers, but first want to get familiar with it, and find out how we configure it, it does what we want.

Is there a method to test it?

Like downloading some (innocent) files, but files that trigger CDR?

I know Microsoft has some test files, but do they trigger CDR?

Home - Microsoft Defender Testground (I hope this isn't triggered as spam…) just an example from them

Yours dennis


All Replies

  • Zyxel_Kay
    Zyxel_Kay Posts: 1,279  Zyxel Employee
    Zyxel Certified Network Engineer Level 2 - Nebula Zyxel Certified Network Engineer Level 2 - WLAN Zyxel Certified Network Engineer Level 2 - Switch Zyxel Certified Network Engineer Level 2 - Security
    Answer ✓

    Hi @Dpj

    Could you please share the model of your device? This will help us provide more tailored assistance.

    If you're looking to configure CDR on your Nebula Firewall, we recommend checking out this article, which offers a detailed introduction to the feature and guidance on configuration:

    Kay

  • Dpj
    Dpj Posts: 55  Ally Member

    Hello Kay,

    We currently use the USG Flex 200 with UTM License. We are testing if this license is useful for our customers. Besides how to configure it, we also want to investigate if it does what we want it to do.

  • Zyxel_Kay
    Zyxel_Kay Posts: 1,279  Zyxel Employee

    Hi @Dpj

    You can refer to the article mentioned earlier and try configuring CDR on your USG FLEX 200 to see if it meets your requirements.

    Kay

  • Julien44
    Julien44 Posts: 7  Freshman Member

    Hi,
    What is the port used to display the message on client browsers in case of CDR blocking?
    I have already had blocks with CDR but users do not have a message, only a loss of network resources.
    (It must be blocked by a policy rule…)
    Thanks

  • Zyxel_Kay
    Zyxel_Kay Posts: 1,279  Zyxel Employee

    Hi @Julien44

    Could you please share which firewall model you are using?

    Kay

  • Julien44
    Julien44 Posts: 7  Freshman Member

    Hi,
    I have a Zyxel ATP700 Firewall.

    Thanks

  • Zyxel_Kay
    Zyxel_Kay Posts: 1,279  Zyxel Employee

    Hi @Julien44

    Could you please check if the CDR feature is set up correctly? The following article provides guidance on configuring CDR for both on-premises and Nebula mode firewalls. Kindly refer to the instructions and ensure your CDR configuration is complete.
    [2024 June Spotlight] The solution you must know: Collaborative Detection & Response (CDR) — Zyxel Community

    If you have confirmed that everything is set up properly, please share the destination you are accessing, your firewall management mode (on-premises/Nebula), and a screenshot of the relevant event logs.

    If you're using Nebula cloud mode, please enable Zyxel support access and provide your Nebula organization and site name.

    Kay

  • Dpj
    Dpj Posts: 55  Ally Member

    Hello Kay, sorry, was busy with other things. Yes, I think it will fulfill our needs. But I would like the possibility to test it. The same as under Security Service:

    I downloaded a file (a fake malware file). My computer directly tells me: Hey, you cannot download this file. But in the Zyxel device (USG Flex 200 with Gold license) I don't see anything. I would like to know how to see if it does what I want it to do.

    yours dennis

  • Zyxel_Kay
    Zyxel_Kay Posts: 1,279  Zyxel Employee

    Hi @Dpj

    Could you please confirm if clicking the download button allows the fake malicious files to be downloaded directly, or if the firewall successfully blocks them? Additionally, could you share the link to the fake malicious file with us? We would like to conduct further analysis.

    Please also enable Zyxel support access and provide your Nebula organization and site name to facilitate our investigation.

    Kay