Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊
The VMware SD-WAN Edge appliance received packets that failed a Reverse Path Forwarding (RPF) Check. Reverse path forwarding (RPF) check is a network security mechanism that verifies whether the source IP address of a packet is reachable through the incoming interface on which the packet is received. The packet is dropped if the source IP address is not reachable through the incoming interface. RPF checks prevent spoofing attacks, in which an attacker uses a forged source IP address to make it
| Attribute | Value |
|---|---|
| Type | Analytic Rule |
| Solution | VMware SASE |
| ID | 840b050f-842b-4264-8973-d4f9b65facb5 |
| Severity | Low |
| Kind | Scheduled |
| Tactics | Impact |
| Techniques | T1498 |
| Required Connectors | VMwareSDWAN |
| Source | View on GitHub |
This content item queries data from the following tables:
| Table | Selection Criteria | Transformations | Ingestion API | Lake-Only |
|---|---|---|---|---|
Syslog |
SyslogMessage contains "Reverse path forwarding check fail"SyslogMessage contains "VCF Drop" |
✓ | ✓ | ? |
Browse: 🏠 · Solutions · Connectors · Methods · Tables · Content · Parsers · ASIM Parsers · ASIM Products · 📊