04-26-2015 07:44 AM - edited 03-10-2019 06:22 AM
We are in the process of putting in new firewalls with SFP IPS modules in them that will be managed by a SourceFire security center appliance (a 1500 series)
I know with the old IPS systems, the modules would get their signature updates directly. Will they now get their signature and software updates from the management server? (this would make things a lot easier)
Solved! Go to Solution.
04-26-2015 07:55 AM
Hello Colin
Yes, your Firesight management center gets all the rules updates and the Intrusion policies get updated and redeployed to your sensors.
Hth
Paul
04-26-2015 07:55 AM
Hello Colin
Yes, your Firesight management center gets all the rules updates and the Intrusion policies get updated and redeployed to your sensors.
Hth
Paul
04-26-2015 08:07 AM
That sounds good
The reason I ask, is that some of the firewalls are edge devices providing outbound Internet access. I don't want to hairpin traffic off an internal router so that the IPS module can go fetch updates from Cisco.
I would much rather keep that management IP for the sensor isolated and have the server push updates to it.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide