Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Default IPS policies

Hi guys,

I just set up my first XG using the setup wizard. After my first login, this is what I found in the default IPS policy list:

It looks to me as if the wizard added some additional policies, that - judging by the names - are similar to the built in default policies. Why were these added and what's their purpose (given that the built in policies are very similar)?

Thanks



This thread was automatically locked due to age.
Parents Reply
  • Hello, cryptochrome,

    The IPS policy listed is recommended IPS policy based on our recommendation. E.g LAN to WAN would have some set of signatures which are useful and DMZ to WAN would have more signatures and strict policy implemented based on the security protection needed.

    There are many signatures and their use of each circumstance e.g communication between LAN to DMZ network is different than LAN to WAN so the signatures would vary accordingly.

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support

    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

Children
  • Thanks. But I was more looking for an answer that explains why there are additional policies apart from the built in ones. The additional ones can be edited, I get that, but all four of them contain the exact same rule and activated signatures. Their only difference is the name. And the rule names indicate they have been migrated from the built-in default policies. All of that makes no sense.