Hello all   We are in the middle of deploying an FTD with IPS for a project. We have seen a large number of the following violations in the IPS event log:   Message Priority Classification PROTOCOL-DNS dns response for rfc1918 172.16/12 address d...

Hello all   Can anyone advise on the FTD’s capability to detect and mitigate DNS exfiltration attempts? Would there be a SNORT rule to detect such activity?    Thank you.

Hi all   When a client and server use PFS ciphers as part of the TLS session setup, what consideration(s), if any, should be given to an IPS system such as the FTD deployed in the middle to inspect the traffic?   My understanding of this whole topic ...

Hi all We have a link from our switch to a Juniper SRX firewall configured as a promiscuous port. Over this link we configure a primary PVLAN. Connected to the switch we also have a bunch of servers all in the same isolated PVLAN which is mapped to t...

Hi allWe have a requirement to provide IPS services on a HA pair of 4100 series FTDs. Specifically there is one flow we need this for. Two clients (servers) need to talk to four servers. The end-to-end path is: Clients > FTD/IPS > F5 load balancer > ...