Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Subscribers 1 subscriber
  • Views 8510 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

IPS and AV&AS Scanning

Mcneil Paul Dimatulac

Hello there guys,

 

i would like to ask if IPS (Intrusion Detection System) are mandatory to set in Firewall rule LAN-WAN because when i select lantowanstrict, our network connection is poor and internet is very slow while on the other side when i tried to select NONE, it is much faster and the connection is good. is this safe config? and also i uncheck all AV&AS Scanning in the Firewall rule LAN-WAN

is that also safe for our network? we are using CR25iNG

Seeking for your professional advice and help.

 

Many Thanks,

 

Regards,

MCneil



This thread was automatically locked due to age.
Parents
  • +1

    Hi MCneil,

    Yes, configuring IPS and AV/AS Scan is suggested to protect your internal network from Intrusion attacks and Malware infection. The bandwidth will be affected as the packets will be intercepted for the scan and filter. I would like to see what is the value of IPS maxpkts set, take SSH access to the Cyberoam and go to option 4. Device console and run the following command.

    console> show ips-settings

    There is an existing XG KBA, that might help. Please refer to, How to configure IPS settings in SFOS.

    Show us the output. 

    Thanks,

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    Hello Sachin,

    Thanks for the response. Can you give me correct configuration for IPS in order for us to browse more faster in the internet without compromising our security and enabling IPS for malware protection. The image below is our IPS settings.  Now our ips is set to none.

    Awaiting for your response.

    Best Regards,

    Mcneil

Reply
  • 0 in reply to sachingurung

    Hello Sachin,

    Thanks for the response. Can you give me correct configuration for IPS in order for us to browse more faster in the internet without compromising our security and enabling IPS for malware protection. The image below is our IPS settings.  Now our ips is set to none.

    Awaiting for your response.

    Best Regards,

    Mcneil

Children
Unfiltered HTML