* Home Help Login Register

Welcome, Guest. Please login or register.
Did you miss your activation email?
Sunday 16 June 2024, 12:58:12 pm

Login with username, password and session length

Get the new Updates directly from Endian  HERE
14247 Posts in 4376 Topics by 6500 Members
Latest Member: franz
Search:     Advanced search
+  EFW Support
|-+  Support
| |-+  General Support
| | |-+  Should Intrusion Prevention Scan VPN Traffic?		 0 Members and 0 Guests are viewing this topic. « previous next »
Pages: [1] Go Down Print
Author Topic: Should Intrusion Prevention Scan VPN Traffic?  (Read 5576 times)
danodemano
Full Member
***
Offline Offline

Gender: Male
Posts: 47


WWW
« on: Friday 08 January 2010, 05:51:20 am »
So I recently had trouble with a MySQL connection through an IPSEC VPN tunnel.  I went round and round with this before finally nailing it down to to the IPS inside Endian.  The rule blocking the connection was:

Date: Jan 6 18:00:19 Name: ET POLICY External MYSQL Server Connection
Priority: 1 Type: A Network Trojan was detected
IP info: 10.x.x.x:3306 -> 192.x.x.x:56808
References: none found SID: 2008572

I disabled the rule and the connection went through just fine.  This prompted the question though, should the IPS be scanning VPN traffic?  It seems like maybe there should be a way to turn off the scanning of VPN traffic.  I'm all for filtering and security but it would nice to be able to at least toggle the scanning of VPN traffic.  Is this an unreasonable request?  Anyone else have any thoughts?
Logged
Pages: [1] Go Up Print 
« previous next »
Jump to:  

Page created in 0.047 seconds with 19 queries.
Powered by SMF 1.1 RC2 | SMF © 2001-2005, Lewis Media Design by 7dana.com