Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Ever since we moved to the new NGFWs, the way our ACPs are setup and ordered, outside scans show ports open because of the way FTD processes rules. Due to it processing a layer 7 rule, it passes the traffic to SNORT for evaluation and therefore it l...
Hey everyone. Signature update 932 was automatically applied to my IPS today at 12:16. At 12:17, I started to get a ton of Adobe Acrobat Reader Memory Corruption hits on signature 7615. I'm assuming this is a bug. Is anyone else experiencing the ...
So two things resolved this issue. We decided that we had to drop the geolocation rule. It was getting hung up on that rule because it had to pass the traffic to SNORT for analysis which was causing a few packets to get through. We know it was doi...
Thanks for the reply, Massimo. As an example, our actual rule where this is happening is on the rule that we have that blocks any non USA ip from coming into our network. Due to that rule using Geolocation, it has to send a few packets through befo...
It is currently set to "Block." However, in the past, I believe it was set to "Block with reset", but we have since changed that, but we haven't noticed any change in behavior as far as those few packets getting through and ports "appearing" open. ...
