This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Astaro IPS

Hi,
we use Astaro ASG525 and configure IPS for it according to Sophos manual.
But we feel intrusion prevention don’t drop packet.
please pay attention to this log:
---------------------------------------------------------------------------------------------------------
id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion
protection alert" action="alert" reason="MISC SSL CBC encryption mode
weakness brute force attempt" group="500" srcip="x.x.x.x"
dstip="y.y.y.y" proto="6" srcport="---" dstport="--" sid="20212"
class="Attempted Information Leak" priority="2" generator="1"
msgid="0"
---------------------------------------------------------------------------------------------------------
action is (alert) but we configure (drop)
please help us,
Thanks.

This thread was automatically locked due to age.

0 Bianson over 8 years ago

AliAbsOluT

Hello,

I believe you are in contact with our network engineer via DM on this issue, so we can use that channel to resolve.

Thank you,

Bob
Cancel
Vote Up 0 Vote Down

Cancel
0 AliAbsOluT over 8 years ago in reply to Bianson

I talked to sachingurung

He asked me to upgrade v8 firmware on UTM but we are not able to upgrade firmware version to UTM9 because of low hardware configuration and we had this problem before UTM9 comes out.
Sincerely appreciate,
Cancel
Vote Up 0 Vote Down

Cancel