I have set up a Sophos 9.101-12 (Home License) to only permit traffic to and from a very limited number of IP addresses. In past setups, I have not paid much attention to the Intrusion Prevention settings, but would like to implement them now.
On page 238 of the UTM 9 Administration Guide, it states: "Please note that the portscan detection is limited to Internet interfaces, i.e. interfaces with a default gateway."
In its current setup, the Sophos is behind a router:
Internet Router Sophos (Protected Network)
And so my question is, since Sophos does not connect directly to the internet, is it futile to enable portscan detection? Would it therefore also be unimportant to enable TCP SYN, UDP, and IMCP flood protection?
This thread was automatically locked due to age.
