Search:

Yeah, we haven't looked into OSPF over IPSEC. Again, I'll see if we're able to address this in the future.

Yes, it is a limitation at this time that with dynamic routing that two ngfws will need to use the same gre pool on each side.

We'll see if we can change this in the future.

We've released a new version of the Active Directory Monitor (1.10.41) with the following fixes:


Properly parse Windows Server 2016 and beyond RADIUS event format.
Allow hostnames for ngfw...

I believe it just must the cut for the 14.2.1 release.

In the meantime, I'd like to see if we can get "categornized" recognized as an official English word.

Seconded.

For about a month now, I've been experiencing some "weird" issues with downloading on my Windows machine, my only wired system in the house. Everything works "just fine", but a few...

Good approach. I recommend adding back WebFilter first.

It's looking for event 6272.

Try http://download.untangle.com/UntangleActiveDirectoryMonitorSetup.exe (without https) It should be the .40 version.

Yeah, if I remember each unit had a unique root password that support had to generate via a local app when they received calls.

Can't offer any help beyond physically mounting via another Linux...

Next time you see it, can you enable console mode and copy any Javascript errors?

And by "Done" I meant, "Application Control search filter was done in 14.1".

Done.

Thanks!

Can you enable cloud support and send me a PM (don't reply here) with your system UID?

Thanks!

It sounds like a bug to me.

Can you enable cloud support (if it's not already) and send me a PM (don't post here) with the system UID?

Thanks!

Bypass/whitelisting IPS networks is not possible in 14.1 but will be in 14.2.

What does the exact line in suricata.yaml look like?

Confirmed. This will be fixed in 14.2.

The script from the command line runs daily from /etc/cron.daily/intrusion-prevention-get-updates.

What happens when you run that command?

Its not clear from the rule snippit, but make sure the rules to disable signatures are added at the top of the Rules list.

Thanks for the category list. I'll file a bug.

To disable a signature, you can create a rule that matches the signature id and applies the disable action.
To enable a specific signature, you can create a rule that matches the signature id to set...

Thanks for the feedback Sam!

Classtype is the "official" categorization of signatures from Suricata (and snort).

However, all of the vendors go through the trouble of providing functional groupings called categories like...

While they're not editable, you can copy them and edit those copies.

We'll see if there's a way we can make the mouseover be more helpful.