Next EAP release date?

Any word on when a EAP 2 refresh 1 or EAP 3 will be out?

This random reboot and loss of connection is killing me .

Parents
  • Any news about next release? We will have EAP 3 refresh, EAP 4 or GA version? Any date?

  • darnoK said:

    Any news about next release? We will have EAP 3 refresh, EAP 4 or GA version? Any date?

     
    There is an EAP3 refresh in the works right now that is focused on DPI performance improvements and lower memory usage.  I don't have an ETA for release to customers.
     
  • Thank you for the information. I hope that you will not only look at the consumption of RAM, but also the CPU and calibrate the product for your hardware platforms. There is something to fight for. Good luck!

  • I was satisfied by the answer given in another thread so won't rehash it again here but a couple of points about DPI...

    Snort like any other daemon has its limits... ie you can only pass so many packets before dropping the packets or bypassing the daemon. The problem with XG implementation is that you can't drop packets like you can on an IPS if the daemon gets overwhelmed so the more traffic you pass, the harder the cpu will be taxed and the quicker you will reach the top limit of the traffic processed.

    Instead of putting DPI and proxy as separate entities, they probably should have done some programming magic so that snort handles all the traffic but the traffic falls back on proxy automatically if the cpu usage is getting too high or snort is getting overwhelmed. 

    Not only that, I am not a fan of tweaking the same firewall rule at different places simply to pass traffic. The current implementation is too cumbersome. Choose between proxy or DPI, create exceptions for proxy or DPI, look at the logs for proxy or DPI. For a geek like myself this is really fun to tinker with but to be honest, I wouldn't want to mess with this much complexity if I was administering hundreds of users.

    Sophos has really moved away from security made simple. It is security with too many half baked options maybe but definitely not simple.

    This is my personal opinion and is not meant to offend anyone at sophos or other fanboys that think I keep hating on sophos.

    Regards

Reply
  • I was satisfied by the answer given in another thread so won't rehash it again here but a couple of points about DPI...

    Snort like any other daemon has its limits... ie you can only pass so many packets before dropping the packets or bypassing the daemon. The problem with XG implementation is that you can't drop packets like you can on an IPS if the daemon gets overwhelmed so the more traffic you pass, the harder the cpu will be taxed and the quicker you will reach the top limit of the traffic processed.

    Instead of putting DPI and proxy as separate entities, they probably should have done some programming magic so that snort handles all the traffic but the traffic falls back on proxy automatically if the cpu usage is getting too high or snort is getting overwhelmed. 

    Not only that, I am not a fan of tweaking the same firewall rule at different places simply to pass traffic. The current implementation is too cumbersome. Choose between proxy or DPI, create exceptions for proxy or DPI, look at the logs for proxy or DPI. For a geek like myself this is really fun to tinker with but to be honest, I wouldn't want to mess with this much complexity if I was administering hundreds of users.

    Sophos has really moved away from security made simple. It is security with too many half baked options maybe but definitely not simple.

    This is my personal opinion and is not meant to offend anyone at sophos or other fanboys that think I keep hating on sophos.

    Regards

Children