I'm getting thousands of these a day, most times (99.99%) with internal sources, sometimes with an external source.
Firmware is 17.1.3 MR3
This thread was automatically locked due to age.
I'm getting thousands of these a day, most times (99.99%) with internal sources, sometimes with an external source.
Firmware is 17.1.3 MR3
Hi Guys,
Yesterday I installed XG310 (SFOS 17.5.3 MR-3) at client site.
It is in bridge mode after MKtik router doing NAT+Routing+VPN+basic FW.
Still there are a TON of false IPS positives. TCP related, IMAP related, Print spooler related(just some broadcasts), DNS related(replies from 8.8.8.8).
So this is redicilous.
Disabling is just temp solution? Even in upgrade does it stop/lower efficiency of IPS?
Have a nice day! Greetings!
Hi,
does anybody know if this is lowering the detectionrate of the IPS?
_______________________________________________
Sophos XG User
I just want to ask again, if somebody knows if disabling "Anomaly Detection" lowers the detection/protection rate of the IPS system.
Is this issue solved in v18 EAP, so that Anomaly Detection is working again?
_______________________________________________
Sophos XG User
I just want to ask again, if somebody knows if disabling "Anomaly Detection" lowers the detection/protection rate of the IPS system.
Is this issue solved in v18 EAP, so that Anomaly Detection is working again?
_______________________________________________
Sophos XG User