v18 - WAF Patterns are not used anymore? How can the WAF patterns update?

In the new version, under "Pattern Updates" the WAF is not in the list anymore. Can you describe how the WAF patterns are updated?

Thanks

Parents

0 BrucekConvergent over 5 years ago

I bet it's part of the IPS bundle now.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Sophos Platinum Partner

--------------------------------------

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 Billybob over 5 years ago in reply to BrucekConvergent

I hope that is not the case as I am a big fan of modsecurity (WAF). Granted its a little hard to configure on the front end than a simple proxy while augmenting it with IPS but I find the reliability of modsecurity far greater than ANY IPS engine which WILL drop packets under heavy load.

Regards

Bill
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
0 LuCar Toni over 5 years ago in reply to Billybob

As far as i know, the IPS pattern only covers now the WAF Pattern. It is simply merged together.

__________________________________________________________________________________________________________________
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel
+1 BrucekConvergent over 5 years ago in reply to Billybob

Billybob said:

I hope that is not the case as I am a big fan of modsecurity (WAF). Granted its a little hard to configure on the front end than a simple proxy while augmenting it with IPS but I find the reliability of modsecurity far greater than ANY IPS engine which WILL drop packets under heavy load.

Regards

Bill

You misunderstand; I meant that the pattern files with WAF are in the same bundle for updates -- not that the WAF engine is gone, etc. Based on what Lucar says here I think that is the case, they just changed how they bundle the pattern updates.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Sophos Platinum Partner

--------------------------------------

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Reply

+1 BrucekConvergent over 5 years ago in reply to Billybob

Billybob said:

I hope that is not the case as I am a big fan of modsecurity (WAF). Granted its a little hard to configure on the front end than a simple proxy while augmenting it with IPS but I find the reliability of modsecurity far greater than ANY IPS engine which WILL drop packets under heavy load.

Regards

Bill

You misunderstand; I meant that the pattern files with WAF are in the same bundle for updates -- not that the WAF engine is gone, etc. Based on what Lucar says here I think that is the case, they just changed how they bundle the pattern updates.

CTO, Convergent Information Security Solutions, LLC

https://www.convergesecurity.com

Sophos Platinum Partner

--------------------------------------

Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries. Use the advice given at your own risk.
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel

Children

0 Billybob over 5 years ago in reply to BrucekConvergent

Aha, that makes a lot more sense. Thanks for clarifying Regards
Cancel
Vote Up 0 Vote Down

Sign in to reply

Verify Answer

Cancel