Network Protection: Firewall, NAT, QoS, & IPS [Sophos Notification] Advisory: Sophos UTM - Latest IPS pattern update triggering SENSITIVE-DATA Rules

UTM Firewall requires membership for participation - click to join

This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[Sophos Notification] Advisory: Sophos UTM - Latest IPS pattern update triggering SENSITIVE-DATA Rules

FloSupport over 5 years ago

Hi Community,

Sophos is currently investigating customer reports of SENSITIVE-DATA IPS alerts after the latest IPS pattern update.

Traffic containing sensitive data being sent over plain text SMTP, HTTP, FTP-Data, IMAP, or POP3 may be incorrectly blocked by Intrusion Prevention.

The following reasons can be seen:

SENSITIVE-DATA Credit Card Numbers
SENSITIVE-DATA U.S. Social Security Numbers (with dashes)
SENSITIVE-DATA U.S. Social Security Numbers (w/out dashes)
SENSITIVE-DATA U.S. Phone Numbers
SENSITIVE-DATA Email Addresses

This article has been published to provide more information and the available workarounds.

Regards,

This thread was automatically locked due to age.

Parents

ITSupp over 5 years ago

I think I am affected by this issue. Since the morning, my email traffic having issue in sending and receiving between the mail server and mail scanner, where Sophos UTM in between.

25 minutes ago (now 3:40pm NZ time), I saw in the Up2Date log, there was "ipsbundle2" installed and all mail traffic back to normal.
Cancel
Vote Up 0 Vote Down

Cancel

Reply

ITSupp over 5 years ago

I think I am affected by this issue. Since the morning, my email traffic having issue in sending and receiving between the mail server and mail scanner, where Sophos UTM in between.

25 minutes ago (now 3:40pm NZ time), I saw in the Up2Date log, there was "ipsbundle2" installed and all mail traffic back to normal.
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data