This discussion has been locked.

Is Intrusion prevention working on XG Home?

I am using Sophos XG SFOS 17.5.12 MR-12 on an ESXi (NUC in homelab) and have enabled an intrusion prevention policy on the network rule (LanToWan_strict).

After two weeks of running, not a single intrusion event is mentioned, neither in the reports nor in the ips.log.

This led me to think the intrusion prevention is not working at all, because if I let the clients go through my Synology RT1900AC router, multiple events in Threat Prevention (Suricata based) are logged every day.

I have tried everything to get an intrusion event, and also tried different virtual network adapters (VMXNet3 and NE1000), but nothing seems to change. I've also done extensive searching on the internet but found no resolution.

Is Intrusion prevention even working on XG Home?



This thread was automatically locked due to age.
  • You didn't understand me, I am asking you to share these logs:

    "Synology RT1900AC router, multiple events in Threat Prevention (Suricata based) are logged every day."

    To see if they are based on vulnerabilities or just on an IP block list.

    Anyway, I could agree that Sophos XG IPS is very quiet compared to others.
