Do you recognize a good idea when you see one? We want to hear from you!
Header Image

I suggest you ...

Increase Attack Patterns selections in IPS settings

ISTM that the IPS rulesets keep getting larger and larger, at the expense of IPS throughput.

examples:

1. I would like to be able to disable 'out-of-date' rules...
e.g.
a. if I don't have anyone using Windows XP or 2000, I should be able to disable those rule(set)s.

b. same for old browser versions

The easiest interface for this might be to set a "Minimum patch level/date"; e.g. ask the user what the OLDEST patched system is on the network.
Perhaps ask this for each ruleset/pattern group.

I'm guessing MOST of the 1000's of rules would not be applicable if all the systems on the network have been patched in the last year.

32 votes
Vote
Sign in
Check!
(thinking…)
Reset
or sign in with
  • facebook
  • google
    Password icon
    I agree to the terms of service
    Signed in as (Sign out)
    You have left! (?) (thinking…)
    BGBG shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

    2 comments

    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)
      Submitting...

      Feedback and Knowledge Base