Sophos Ideas / SG UTM

SG UTM

Suggest, discuss, and vote on new ideas for SG UTM. The ultimate network security package.

Suggest an Idea...

← SG UTM

dynamic response to Intrusion Prevention detection

UTM already knows how to block IPs that perform port scanning: why not to block also attackers as soon as Intrusion Prevention detect them ? (this way, also unknown attack packets are dropped imediately). I noticed detections are very often 4 or 5 types only, but I exclude exploiting tools try only 5 types. IP should be banned for a customizable timeout ... like 5 minutes to 4 hours: if the attacked ip (or firewalled ip-range) doesn't answer, they surely go elsewhere. Thank you

1 vote
Sign in Sign in with Log in with your Sophos ID
Signed in as (Sign out)
Close
Close

We’ll send you updates on this idea

Giuliano shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

0 comments

Sign in Sign in with Log in with your Sophos ID
Signed in as (Sign out)
Close
Close
Submitting...
An error occurred while saving the comment

SG UTM

Categories

Feedback and Knowledge Base

(thinking…)
icon-data-protection icon-endpoint-protection icon-phish-threat icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-central icon-sophos-mobile icon-sophos-utm icon-sophos-utm icon-sophos-utm icon-web-appliance icon-xg-firewall icon-xg-firewall icon-avid-secure icon-lightbulbCreated with Sketch.