Intrusion Prevention

  • 1.  IPS License Validity

    This message was posted by a user wishing to remain anonymous
    Posted 12-05-2021 06:16
    This message was posted by a user wishing to remain anonymous

    I have SRX300 Firewall with IPS but right now IPS license validity expired. In this case does the firewall IPS work with the existing installed IPS signatures or does it disable IPS ?


  • 2.  RE: IPS License Validity

    Posted 12-06-2021 05:52
    Hello,
    IPS will still function and inspects the traffic if there's any attack but it will ceased to obtain any signature updates.

    Latest IPS signatures will not be loaded or applied to your SRX with expired license.

    leangf


    ------------------------------
    Leangf Leangf
    ------------------------------



  • 3.  RE: IPS License Validity

    Posted 12-08-2021 05:39
    I have SRX345 in a lab and I need to simulate IPS by simulating some attacks. IPS is updated online but recently IPS validity expired. Please refer the attached screenshots on license error.

    I have launched attacks using HPING against the web server and other attacks using Kali Linux. My web server is freezing during the attack but I do not see any IPS events in the logs.

    Could you share the GUI steps to enable IPS for all the signatures so that I can see the logs for IPS ?

    ------------------------------
    Avil Tauro
    ------------------------------