Sophos Community
User
Site
Search
User
Toggle Mobile menu
Community & Product Forums
Blogs
Partners
Events & Webinars
Getting Started
Support Portal
Community Blogs
Application Control
Community
Product documentation
Security
Feedback
Support Portal
Product documentation
Products
Endpoint security
Sophos Endpoint
Sophos XDR
Device Encryption
Sophos Mobile
Network Security
Sophos Firewall
Sophos ZTNA
Sophos Switch
UTM Firewall
Sophos Wireless
Sophos NDR
Email Security
Sophos Email
Phish Threat
Cloud Security
Sophos Central
Sophos Cloud Optix
Support Tools
Sophos integrations
Free tools
AI Solutions
Sophos AI
Services
Management platform
Sophos Professional Services
Sophos Central
Support Portal
Sophos Community log in
Sophos Partners
Partners blog
Local Partner community
Partner news
Resources
MSP guides
Partner Care
Sophos Central
Webinars & Events
Webinars & Events
Calendar
Become a partner
Join our program
Events & Webinars
Events & Webinars
Calendar
Recordings
Getting started in the Community
How to get started
SophosID registration
How to set up your profile
How to contribute and participate
How to manage private messages
Member recognition
Recognition program
Leaderboard
Products and Services
Products
Endpoint security
Sophos Endpoint
Sophos XDR
Device Encryption
Sophos Mobile
Network Security
Sophos Firewall
ZTNA
Sophos Switch
UTM Firewall
Sophos Wireless
NDR
Email Security
Sophos Email
Phish Threat
Cloud Security
Sophos Central
Sophos Cloud Optix
Support Tools
Sophos integrations
Free tools
AI Solutions
Sophos AI
Services
Management platform
Sophos Professional Services
Sophos Central
Support Portal
Sophos Community log in
Blogs
Community Blogs
Application Control
Community
Product documentation
Security
Feedback
Support Portal
Product documentation
Partners
Sophos Partners
Partners blog
Local Partner community
Partner news
Resources
MSP guides
Partner Care
Sophos Central
Webinars & Events
Webinars & Events
Calendar
Become a partner
Join our program
Events & Webinars
Events & Webinars
Events & Webinars
Calendar
Recordings
Getting Started
Getting started in the Community
How to get started
SophosID registration
How to set up your profile
How to contribute and participate
How to manage private messages
Member recognition
Recognition program
Leaderboard
Support Portal
UTM Firewall
Network Protection: Firewall, NAT, QoS, & IPS
What to drop?
Release Notes & News
Discussions
Recommended Reads
Members
Lifecycle and Migration
More
Cancel
New
UTM Firewall requires membership for participation - click to join
Thread Info
State
Not Answered
Locked
Locked
Replies
1 reply
Subscribers
2 subscribers
Views
257 views
Users
0 members are here
Options
RSS
More
Cancel
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion
What to drop?
flyingkiwi
over 19 years ago
I am receiving emails to indicate intrusion events, how am I supposed to know whether to drop the event? Are the defaults in the rules list OK to leave or should they be modified?
Jon
This thread was automatically locked due to age.
0
NimmdirKeks
over 19 years ago
There is no real default setting. It all depends what devices are present in you network.
eg. if you don't have any Microsoft IIS, than you normaly can drop all those packets that would aim at the IIS services.
and so on.
Start at the top and work you way through to the bottom of the list.
Cancel
Vote Up
0
Vote Down
Cancel
