Sophos Ideas / SG UTM

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

← SG UTM

dynamic response to Intrusion Prevention detection

UTM already knows how to block IPs that perform port scanning: why not to block also attackers as soon as Intrusion Prevention detect them ? (this way, also unknown attack packets are dropped imediately). I noticed detections are very often 4 or 5 types only, but I exclude exploiting tools try only 5 types. IP should be banned for a customizable timeout ... like 5 minutes to 4 hours: if the attacked ip (or firewalled ip-range) doesn't answer, they surely go elsewhere. Thank you

1 vote
Sign in
(thinking…)
Sign in with: Facebook Google Sophos ID New Sophos ID
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Giuliano shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in
(thinking…)
Sign in with: Facebook Google Sophos ID New Sophos ID
Forgot password?
Create a password
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment

SG UTM

Categories

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.