I currently don't have a license for the manged IPS service and only use what little the home license provides.
My home security cameras picked up a neighbor (a retired database engineer) placing a small device on my front lawn. Walking away for an hour, then returning to retrieve it. I'm assuming it's a nefarious network device and I'm wondering how the UTM logs would pick up related intrusion attempts.Thanks,
The 'little home license' provides IPS. Matter of fact, there are only a couple of items it doesn't support, such as Sandstorm and BasicGuard support. Other than that, you are getting a LOT of coverage for a free license, including Network Protection.
Very odd that your neighbor would be doing this and you believe it to be a network intrusion device. You would see attempts in your Network Protection logs and most likely in the Statistics window when you open Network Protection.
Then I would make a call to police about the malicious activity if you discovered it was a device your neighbor placed on your property designed to attempt intrusion.
UTM - 9.713-19 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz 16GB Memory | 500GB SATA HDD | GB Ethernet x5
Do you use WiFi behind the UTM.First, your neighbor has to get access to your network.If he captures enough WIFI traffic, he may be able to get the wifi-key.This you can't see within your IPS.If he is already connected to your (W)LAN, he may try to connect other devices. This may be visible as a "network anomaly" ... but unfortunately this feature is not included within Sophos IPS.
...But the device can be a little camera or a motion detector too to get some details about you .... or simple count cars // calculate car speed within your street.
Systema Gesellschaft für angewandte Datentechnik mbH // Sophos Platinum PartnerSophos Solution Partner since 2003 If a post solves your question, click the 'Verify Answer' link at this post.