I need to get some advise and action plan.
I've got report that one of my internet customer was infected with virus. The source IP was coming from my customer devices(firewall/router) and most probaly the real IPs are NATed.
I've request my customer to check which host in their network that have been infected.
Ok from my side, what is the action or prevention steps that I can take to prevent this attack from happen again.
Thank you sir.