Hi,
I have a number of 7005 controllers on a vMM using 8.6. My vulnerability scanner says it's vulnerable to QOTD scans. I wrote a policy rule at the top of the vMM tree to block TCP port 17. That should do it.
But it doesn't seem to ... the vulnerability remains. I use "localIP" destinations, that are supposed to mean "all IPs on this controller". I added a new one that uses a destination of the network range for the controllers (a /16).
What should a good rule look like to filter the QOTD (TCP & UDP port 17)? Is it OK to put at my first node (folder)? Does it need to be at the "Managed Network" level?
Thanks,
Ambi
------------------------------
Ambidexter
------------------------------