I've been using XG and UTM for a while now and have used RED a few times, but I've got a dedicated server now in the cloud and I installed XG on it for my edge firewall. I set up a RED tunnel from my XG to that XG, but I had a Windows 2019 VM running on the…
I am facing a problem with the IPS service: when stopping it, everything is going well; when starting it, youtube.com can't resolve and is not opening, and I can't even ping it. At the same time I can open any other site. The only change I did with IPs that I changed…
Dear All,
I have configured a DOS policy and I can see the packet dropped by the DDOS, but where can I see the logs?
I tried to find out in IPS, System, Firewall logs but no luck. Please help.
Hi,
We are planning for a big network (2500 Chrome OS Users) and I am asking a simple question about IPS configuration for the Chrome OS policies. There is no specific IPS signature for the Chrome OS in the XG firewall IPS (I didn't find on another…
Dear All,
There is an action in the IPS policy "Bypass Session" and as per documents "Bypass Session - Allows the entire session if detects any traffic that matches the signature." and recommendation for the same is:
"To save resources and avoid…
I have noticed that my Tivo is being flagged by the IPS with "Apache HTTP Server mod_rpaf x-forwarded-for Denial of Service." There were 27 instances yesterday, with 3 noted IP address targets. Is this a false positive or something that I should be concerned…
Hi Guys,
I am experiencing really low bandwidth with the Sophos XG. I have tried turning off IPS, Web Filter, and Application control just to tshoot. Is there something with the OS version (SFOS 16.05.5 MR-5) that is causing this?
Thanks.
…
Hi,
Since I am using XG, I am always getting IPS alerts, and I am concerned about it, because I don't know the reason for these alerts.
Are IPS alerts an alert about accessing websites with vulnerabilities or outdated software, or means an IPS alert…
We are having trouble downloading some Adobe Acrobat files from one of our vendors. The files are being flagged by the IPS system under the signature "Adobe Reader PDF Engine CVE-2017-3025 Memory Corruption Vulnerability". It only is affecting about 10…
Good morning everybody!
I have many IPS alerts, is that normal?
And not all of the victim IPs are in my network!
I use the standard LAN_TO_WAN IPS policy!
I have a basic firewall policy set up with the default LAN_TO_WAN IPS policy enabled. I have downloaded a few different versions of the standard EICAR test string and these appear in the firewall log under malware but they appear to make it through…
Hello,
I am running XG Firewall for a few months now. However, I still have a problem which I could not solve yet.
When trying to update my apps on my Android phone, Google Play Store keeps trying to download the updates. After several minutes I receive…
Hi All,
We have a new XG + Sophos central/interceptX.
I have the firewall set up with a copy of LAN-WAN IPS with all but Windows clients/servers removed, SSL decrypt+scan and yellow or above heartbeat policy set up. Is this how we should go or does…