Guest User!

You are not Sophos Staff.

Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 8 replies
  • Answers 1 answer
  • Subscribers 4 subscribers
  • Views 6417 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Selective IPS Opt-In

SamFickling

I have been using IPS for some time on my old Astaro 8 firewall, however, I'm about to upgrade to a UTM 9 device and I'm trying to decide how much IPS throughput I'm going to need.

Is there a way to enable IPS for only specified hosts and or services on a specific host as opposed to an entire 'network' or creating 'exceptions'? ie; can I 'opt in' vs 'opt out'?

I note that it is possible to add host objects to the IPS 'Local Networks' configuration, but whether this works the way I expect it to or not is another question.



This thread was automatically locked due to age.
Parents
  • 0

    Hey Sam,

     

    IPS in UTM9 is very similar to IPS in ASG8. The engine's matured a bunch, and we've gone to some lengths to improve performance, but you still have one IPS policy that applies to everything. You can then create exceptions, to stop traffic to or from certain hosts from being scanned by IPS.

     

    Cheers,

    -Alan

     

  • 0 in reply to AlanT

    My question to  , if we add an IP host object instead of the xyz (network) in the Allowed Local network box then will IPS work for that specific IP host object or will act as deactivated by default?

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

Reply Children
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML