Shield in Gateway

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|

Shield in Gateway

Geoman
I've stumbled across the forum and have a pretty basic query.

My shield is running firmware 1.51 in gateway mode. It still appears to be updating the IPS rules and according to the IPS logs, packets are being dropped.

I'm just wondering. What level of protection is shield now providing. What is shield actually doing?

I'm just wondering is there is any point leaving shield connected.
Reply | Threaded
Open this post in threaded view
|

Re: Shield in Gateway

breda
Hi, Geoman welcome to the Forums  I have not used gateway mode but I know Hans, user8446, Roadrunnere42 and other have done a great job of keeping the Shield  up to date here is link   http://itus.accessinnov.com/Shield-Beginners-guide-td754.html
Reply | Threaded
Open this post in threaded view
|

Re: Shield in Gateway

user8446
Administrator
Your shield is an intrusion prevention system running Snort doing real time packet analysis on your network. This level of deep packet inspection is commonly found on enterprise networks so you have a huge layer of protection I would NOT take off.
Running in bridge mode, 1.51 SP1 fw
Reply | Threaded
Open this post in threaded view
|

Re: Shield in Gateway

Roadrunnere42
In reply to this post by Geoman
Geoman

If you install the hotfixes that Hans produced and then install the latest fw_upgrade which at this time is 8.1, this will bring the Shield up to date  and continue to get the latest snort rules and web filters rules.

The Shield will run just as before and receive updates  rules every night.

roadrunnere42
Reply | Threaded
Open this post in threaded view
|

Re: Shield in Gateway

Geoman
In reply to this post by user8446
Thanks for the replies.

So I guess it's doing what I hoped. It's working as an IPS and updating rules.

I understand that gateway mode was only experimental but it seems to be working for me so I think I'll leave it be.