OfficeScan/security agent blocking packetbeat

Dear Team,

In one of our customer environment Topbeat is working perfect but packetbeat is behaving abruptly.
On further investigation we saw urls referring officescan and mention of dll...

Has any one faced similar issue with packetbeat? with officescan or similar agent?
I am thinking of requesting to exclude packet beat from scans...

Any specifics inputs and guidelines will help ...


So OfficeScan is false alarming on Packetbeat? Can you provide more specifics on what the alert was?

I don't recall anyone reporting anything similar before.


I agree in terms of false alarm.. The first time urls are hit are notified but replaced with urls reference to officescan. no information is logged in logs..

Are there important pointers that we can inform infrastructure team while raising request to exclude from security checklist/ include in trust resource pool..


This topic was automatically closed after 21 days. New replies are no longer allowed.