We do PCI scanning regularly on a monthy basis.
A recent failed with the following error message
Threat:
The filtering device doesn't block spoofed IP packets. Packets going to the external firewall interface with internal network IP addresses seem to be accepted.
recommendation is that we do the following
Change your firewall policy to deny packets coming on the external interface with a source IP from the internal network. You should also deny packets on the external interface with a source IP that is non-routable, such as 10.0.0.1 or 127.0.0.1.
what should I do?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.