Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 4 replies
  • Subscribers 41 subscribers
  • Views 5649 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Default IPS policies

cryptochrome

Hi guys,

I just set up my first XG using the setup wizard. After my first login, this is what I found in the default IPS policy list:

It looks to me as if the wizard added some additional policies, that - judging by the names - are similar to the built in default policies. Why were these added and what's their purpose (given that the built in policies are very similar)?

Thanks



This thread was automatically locked due to age.
Parents
  • 0

    They are there for you to modify or clone to make your own versions.

    Ian

    XG115W - v20.0.2 MR-2 - Home

    XG on VM 8 - v20.0.2 MR-2

    If a post solves your question please use the 'Verify Answer' button.

  • 0 in reply to rfcat_vk

    that doesn't answer my question though.

  • +1 in reply to cryptochrome

    Hello, cryptochrome,

    The IPS policy listed is recommended IPS policy based on our recommendation. E.g LAN to WAN would have some set of signatures which are useful and DMZ to WAN would have more signatures and strict policy implemented based on the security protection needed.

    There are many signatures and their use of each circumstance e.g communication between LAN to DMZ network is different than LAN to WAN so the signatures would vary accordingly.

    Regards,

    Aditya Patel
    Global Escalation Support Engineer | Sophos Technical Support
    Knowledge Base  |  @SophosSupport | Sign up for SMS Alerts
    If a post solves your question use the 'This helped me' link.

  • 0 in reply to Aditya Patel

    Thanks. But I was more looking for an answer that explains why there are additional policies apart from the built in ones. The additional ones can be edited, I get that, but all four of them contain the exact same rule and activated signatures. Their only difference is the name. And the rule names indicate they have been migrated from the built-in default policies. All of that makes no sense. 

     

Reply
  • 0 in reply to Aditya Patel

    Thanks. But I was more looking for an answer that explains why there are additional policies apart from the built in ones. The additional ones can be edited, I get that, but all four of them contain the exact same rule and activated signatures. Their only difference is the name. And the rule names indicate they have been migrated from the built-in default policies. All of that makes no sense. 

     

Children
No Data
Unfiltered HTML