Abnormal (Upload Alarms) Tutorial

Follow

Comments

3 comments

  • Avatar
    Tony Nowinowski

    Thanks for the article, but there is room for improvement. Using your example above, if you are first going to monitor a device for a while to get a baseline, on say a camera, it should see that uploads over time are normal. The abnormal would be uploads larger than average, destinations say to risky countries, or just other countries outside of the average. Maybe you can build the logic overtime based on what the box sees, and the feedback from the user about the alarms, to update the baseline. 

    I get constant abnormal upload alarms on my Ring doorbell, they are really just normal uploads. 

    Keep up the great work!!! Thanks!

    1
    Comment actions Permalink
  • Avatar
    Stephen Williams

    The abnormal upload alarm feature is useless until it can learn what is really abnormal or not.  LIke the previous poster and many others on the help forum, I get *constant* abnormal upload alarms for my (multiple) Ring devices - ie dozens per day.  The behavior is normal, yet Firewalla is not learning that this is normal after multiple weeks.  So now I just have to mute the alarm on each of these devices, which means I won't get an alarm if something truly abnormal does start happening on these devices.  :-(

     

    0
    Comment actions Permalink
  • Avatar
    Stretch

    I like this feature, but the lack of how to mute is what needs improved.

    For example, I keep getting Abnormal Upload on my proxy server in the house. I would like to mute the alert just for one INTERNAL system. The only option I am given is muting the alert to the destination of the abnormal upload IP for all devices. 

    I want to mute the abnormal destination only for one internally system, not all my devices

    0
    Comment actions Permalink

Please sign in to leave a comment.