2017-09-14 03:29 PM
In the Continuous Scan Configuration (Malware Analysis config) what is the Source Host and Source Port config value. Is the Host the SA or the conentrator? Can the port be any port or does it need to be 56003?
Any help would be much appreciated.
Jeff
2017-09-14 03:39 PM
The documentation leaves a bit to be desired, but it should be the concentrator/broker. We also have a course that goes over configuration.
2017-09-15 08:20 AM
Thanks Michael, as a follow up question, I am also unclear as to what Malware Analysis service I should be configuring for the continuous scan, the one on the dedicated Malware Analysis appliance or the SA-Malware Analysis?
Thanks
Jeff
2017-09-16 10:53 AM
If you have a dedicated Malware Analysis device, use that. The out of the box SA - Malware Analysis service running on the SA head is much smaller and limited malware analysis component.