This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Astaro IPS

Hi,
we use Astaro ASG525 and configure IPS for it according to Sophos manual.
But we feel intrusion prevention don’t drop packet.
please pay attention to this log:
---------------------------------------------------------------------------------------------------------
id="2101" severity="warn" sys="SecureNet" sub="ips" name="Intrusion
protection alert" action="alert" reason="MISC SSL CBC encryption mode
weakness brute force attempt" group="500" srcip="x.x.x.x"
dstip="y.y.y.y" proto="6" srcport="---" dstport="--" sid="20212"
class="Attempted Information Leak" priority="2"  generator="1"
msgid="0"
---------------------------------------------------------------------------------------------------------
action is (alert) but we configure (drop)
please help us,
Thanks.



This thread was automatically locked due to age.
Parents Reply Children
No Data