I am having the following notification on my XG. This is under intrusion detection. I havent done much on IPS and my default policy is LAN to WAN. What is the best way to avoid these intrusions.
This thread was automatically locked due to age.
Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.
itguy138,
you can check the rules from Snort website:
there you can find the findings, if it is a false positive and so on. I am not sure there is an equivalent Sophos website to find the patterns signature.
Keyur do you know nothing about?
Thanks
I have found the best way to avoid these is reviewing legacy or outdated software, i.e. Wordperfect, old Office, old Adobe, etc. These are generally not false positives, but warnings related to potential vulnerabilities of other systems that may be in your inventory.
It is important to tailor the rules to your environment, rather than rely on canned ones, if you really don't want to see a few of these cropping up.