Forum Discussion
ATA v1.9 - suspicion of identity theft reported after OS upgrade
MicrosoftBinu Wariyar , We got several similar reports in the past.
In all of them the delivery optimization was a suspect, but we checked with the delivery optimization team the internals of how it works, and got to the conclusion that it's not what is triggering the alert.
There is something else going on for SOME customers during the upgrade, If I am not mistaken, the traffic is via CIFS , but from the reports we got so far, we could not figure out what was the exact operation that happens for those customers during the upgrade that created this CIFS traffic.
Thanks, Eli. You're right that ATA reports it is CIFS traffic. We haven't been able to identify anything either, suspicious or otherwise, that would trigger this traffic. We will continue to monitor these workstations to see if a pattern emerges that we can report to your team.