IDS/IPS on DNAT

Does IDS/IPS work on a DNAT rule?

E.g., I have a web server which faces the internet on port 22 (SFTP) and 443. The web server sits behind the firewall and traffic is DNAT'd to it.

I have created a DNAT rule. The server sits inside the Internal Subnets. The Internal Subnets network address range is added to the IDS/IPS.

Will a person accessing the web server over the internet be subjected to IDS/IPS inspection? Or must I use the WAF to do so?

Thanks



  • IPS is also applied to inbound WAF traffic.  See #2 in Rulz and the relevant diagrams there to understand that IPS is applied virtually everywhere.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Thanks Bob - always appreciate you replying

    I read the Rulz section. I note that DNAT comes after IDS/IPS. Does that mean traffic through an inbound DNAT is subjected to IPS inspection?

    Thanks

  • Look again at 2.4 - IPS always happens, but sometimes in different places.  Look at the diagrams at the bottom of the post.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA