Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 3 replies
  • Answers 1 answer
  • Subscribers 3 subscribers
  • Views 6076 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Attack Patterns - Rule Age

ReneKeil

Hello,

I try to explain to myself, wether I should change the recommended "Rule Age" from 12 months to unlimited.

What is "best practise"? Is my company safe with the recommended setting?

Thanks 

Best Regards



This thread was automatically locked due to age.
Parents Reply
  • 0 in reply to sachingurung

    Hi sachingurung,

    thank you for your answer.

    My sophos has enough performance. I activated every rule (with warnings), but Intrusion Prevention is only active with 21627 of 27704 patterns.

    Do you have experience with full activated IPS? Maybe it´s too dangerous.

    Best regards

Children
  • 0 in reply to ReneKeil

    Hi, Rene, and welcome to the UTM Community!

    The only rules activated are those selected and then only if the application is enabled in WebAdmin.

    There are false positives, but the rules that generate them will be modified by Snort.  Other than that, there's no danger.

    Cheers - Bob