Hello Community, We have a UTM SG430 and 1GBit/s internet connection. Now I have noticed that IPS a. prevents the line from being fully utilized. b. Long response times (100ms-500ms) and even packet loss occur when the WAN interface is heavily utilized…
Hello all,
May be a silly question, however, in the IPS service:
Do we need to include the RED networks for remote offices as well? Similarly, do they (RED networks) need to be listed in the Firewall rule for Teams and the like:
Finally, besides…
Just installed Sophos UTM 9.707-5 in ESXi VMware.
When starting Intrusion Prevention I see in the console:
/usr/bin/chroot: failed to run command '/sbin/snort' no such file or directory
I have ssh'd into the UTM and checked, snort can't be found…
Hi all. I have a custom built router using a Gigabyte J1900N-D3V board. To cut it short, inter-VLAN traffic is limited to about 200mbit, but the CPU utilization only ever hits ~30%. Of course standard snort does not take advantage of the multiple cores…
Hello, I appear to be having some trouble with the Intrusion Prevention on my UTM. When I have Intrusion Prevention enabled, my network speeds are reduced dramatically. For example, my WAN connection; with and without Intrusion Prevention enabled: Enabled…
Hi guys, I keep getting the following alert and just wondered if it was anything to worry about / look further into:
Intrusion Prevention Alert
An intrusion has been detected. The packet has been dropped automatically.
You can toggle this rule…
Hello all,
We have a UTM 9 in the office and I was trying to test the Intrusion Prevention feature.
So under local networks I set up a host, basically my computer.
And on another computer I used a program called IDSWakeup to hit it with different…
Scoreboard is Full
After going through countless logs I kept finding logs pertaining to “scoreboard is full”. I started seeing this log when we started to see large amounts of traffic on the UTM.
FYI: I currently utilize WAF and IPS on the UTM.
…
We have been getting a LOT of IPS attacks lately. Getting Snort 38330 MALWARE-CNC TRUFFLEHUNTER SFVRT-1020 attack attempt from several internal IPs. Snort doesn't give much information... is there a good chance these hosts are infected? Sophos Cloud AV…