• Alert ID 7002

    Pradeep
    Hi team, I am getting this alert frequently from the firewall. Please help me to resolve this.
    • 11 months ago
    • Sophos Firewall
    • Discussions
  • Intrusion prevention alert (Critical)

    Sofos network
    Hello, I have this alert today: intrusion prevention alert, but I don't know how to check or to diagnose this.
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPS SERVER-WEBAPP ThinkPHP 5.0.23/5.1.31 CVE-2018-20062 Remote Code

    LMSIIATO
    I have many IPS reports of this type: "IPS SERVER-WEBAPP ThinkPHP 5.0.23/5.1.31 CVE-2018-20062 Remote Code". I don't understand if these attempts are effectively blocked. Then, in general, do you have any recommendations to mitigate this vulnerability?
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • What is the benefit of IPS, Zero-Day Protection, ATP and web filtering without deep packet inspection on TLS sessions

    Dr No
    Stupid question, I know, but honestly: what is the benefit of the Xstream protection when you decide not to break TLS sessions at all (besides mail filtering)? Will someone earn any higher protection level with all these features activated without breaking…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPS update appears to break fb videos.

    rfcat_vk
    Hi folks, last night (my time) the IPS update (18.21.02) appears to have broken FB videos and the login screen. If I use my hotspot the FB access works correctly. Ian
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPS not working on Home edition

    Tahira Ahmed
    Hi all, I'm using Sophos Home edition. For four weeks I've been struggling to make IPS work, but no luck. My hardware is an Intel i7 8700 CPU, 8 GB RAM with an Intel i350 NIC. Firmware 19.5.3mr. Any help will be appreciated. Thanks
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Web Exploit Protection

    Mark Sludgebuster
    Does Exploit Protection work out of the box? Now I find ‘Detect and prevent exploits (IPS)’. lantoWan- general policy, which I’ve enabled. Is that the full extent of it, and a feature that works under the hood? Is there any solid information in XG, and…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPS rule LAN-LAN

    Luc_GLLM
    Hi everyone, I have two firewalls connected by a dark fiber on an SFP port. The two main LAN networks are 192.168.1.0/24 (FW1) and 192.168.0.0/24 (FW2). In both firewalls there is a rule to allow all traffic between the two subnets, so the source and destination…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Built-in IPS policies: Differences?

    Quallensaft
    Because the online help is pretty useless regarding this question: What is the difference between the policies on top and the last ones (in small letters)? Which are better? Why double built-in?
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPS policy for site-to-site VPN

    Andre Soares
    What IPS policy should I use in the LAN to LAN rule? (VPN site to site) Thanks
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • What are the possibilities of XG Home firewall with limited hardware [THREAT PROTECTION, TLS INSPECTION]

    mike bo
    What traffic can be handled in version 4 core, 6Gb RAM in relation to IPS/IDS?
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Signature Sinkhole

    Jirayu Siangsai
    Firmware version 17.0 has this signature, but firmware versions 18.5, 19.0, and 19.5 do not have this signature. Can anyone who has firewall firmware version 19.5.1 search in IPS policies for this signature and reply to me with a captured image, pls? Thanks in…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Can I disable a single Signature ID within IPS?

    AllanD
    We have software that goes out to a distributor's website and downloads updates. Part of these updates is a batch of Word documents in .docx format that have some ActiveX controls in them that are used for automation. They cannot be removed and are a normal…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • False Positives

    FAAC Inc
    Hello, we are having some trouble with Zoom meetings where the sound is briefly dropping at times. Sometimes we get the network quality message. I may have traced the problem to some of the meeting traffic getting flagged as Proxy and Tunnel (x-vpn…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • IPS and SSL Inspection best practice

    Krystian Kamiński
    Hello, I am wondering how effective IPS can be in the XGS series without decrypting SSL traffic. Is it worth configuring without SSL inspection when I want to protect web servers (IIS, nginx, Apache)?
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Block all IPs on known Abuse list

    April Beachy
    I would think this feature should be readily available, but I am unable to find a way to do this. I want to block all IPs that appear on known abuse lists from our network. We are running an XG firewall. So far the rule blocking IPs by country has…
    • Answered
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • XG 19.5 IPS Email Alert Flood - SMTP DoS?

    Corey Carpenter
    My org had an event last week where a false positive IPS alert was being thrown. This caused over 1400 email alerts within 20 minutes before anyone could get to it and shut it down. When I looked at the email logs it looks like it was sending 3-4 emails…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Are there plans to include an "anti-portscan" feature in sophos XG?

    alan weir
    The UTM has an essential feature called "anti-portscan" that is separate from DoS protection. Anti-portscan, if you are not aware, will detect when a source IP address is scanning the external WAN interface for open ports, and block, drop, or log the source…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt. It started this morning.

    Francois Taljaard
    Keep on getting this notification email every 5 minutes from XGS2100 firewall. Affects only one user's computer. FILE-OFFICE Microsoft MSHTML ActiveX control bypass attempt. It started this morning. Please assist. These four IP's external are listed so…
    • over 1 year ago
    • Sophos Firewall
    • Discussions
  • Sophos XG too many Notification IPS and Malware over Mail

    Simplified Sam
    Hello, I am receiving many notifications like Message: BROWSER-IE Microsoft Internet Explorer XSS filter bypass attempt. Mostly when I look it up it has something to do with some kind of advertisement API from Google or other cloud services…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Intrusion Prevention (IPS) high cpu usage - Snort

    Simplified Sam
    Hello, in our company we have about 60-80 users. Each department has its own VLAN running over one port. XGS2100 (SFOS 19.0.1 MR-1-Build365). Over the year I was setting up the Sophos XG and adding all firewall rules, like all departments are in one…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • No anti updates for nearly 24 hours

    rfcat_vk
    Hi folks, I started investigating why the XG115W was showing high CPU load, normally around 5%, but now showing over 20% for an extended period. I checked the ATP, Avira, Sophos AV and Sophos anti spam. All but Anti spam last updated early yesterday…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • How to write custom IPS signatures for blocking applications?

    Vineeth Penugonda
    Hi guys, How to write custom IPS signatures for blocking applications? I have found a few VPNs which are not on the application control list and I would like to block them. Regards
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • XG Custom IPS Signatures: Proper Syntax/Capabilities/Usage Question

    Thomas Ward
    So, while setting up IPS on the system, I want to *block* the usual badness including scanners, etc. However, I have regular vulnerability scanning done by US DHS/CISA as part of their Cyber Hygiene program, and they scan regularly. As such, using scanner…
    • over 2 years ago
    • Sophos Firewall
    • Discussions
  • Exchange 0-Day CVE-2022-41040 and CVE-2022-41082, how to check if rules are including the mitigation?

    EdmundSackbauer
    There is a critical 0-Day exploit for Exchange already being exploited, which is pretty much the same as the "ProxyShell" vulnerability in March. How can I check if the mitigation is already working with Snort or IPS rules? https://gteltsc.vn/blog…
    • Answered
    • over 2 years ago
    • Sophos Firewall
    • Discussions