Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jeff_Gao
Advisor

updates of security and security management server

Dear all

       I know that ips/app control &url filtering can only update in sms. I have a few questions:

       1.What needs a security gateway to update from cloud

       2.What needs a SMS to update from cloud

       3.What are the effects if just only allow SMS to update and not allow security gateway to update from cloud.

thanks!

0 Kudos
5 Replies
G_W_Albrecht
Legend Legend
Legend

According to sk73220: ATRG: Application Control and sk92743: ATRG: URL Filtering updates (different to live contact to CP cloud) can also be made on the GWs. In Dashboard, you can select that:

ACUF.png

 

 

 

 

 

 

 

 

 

 

 

 

 

 

So i really do not know where that "knowledge" did come from 😎...

CCSP - CCSE / CCTE / CTPS / CCME / CCSM Elite / SMB Specialist
0 Kudos
_Val_
Admin
Admin

Several points:

 

  • With R80.30 and up, GW can get IPS updates directly. 
  • AC/URL categories are updated on the management side, but actual hashing is done on the GW side, for object used in the policy.
  • To get updates on either SMS or a GW, they need to be able to connect to SecureCloud, directly or via proxy.
  • If GW cannot get to SecureCloud, all update dependable services will fail. IPS will work, if MGMT updated CVEs. AC/URLF policy will not be able to categorise allpications & URLs.

 

0 Kudos
Jeff_Gao
Advisor

I think:
1.APP&URL can not used if gateway can not connect to securecloud for update;
2.IPS can be used if gateway can not connect to securecloud for update;
but i can not confirm if anti-virus and anti-bot can be used,in addition ,if license have any effect.
0 Kudos
Dorit_Dor
Employee
Employee

Our experience is that nearly all gw’s that value these services are communicating with the internet.

But in case your gw isnt connected, we have private threat cloud that enable work when its not connected to the cloud.  Contact partners/local team if this is what you need 

Jeff_Gao
Advisor

I think if gw can not connect to internet:
1.Contract can not be updates and will always display software blades abnormal.
2.Anti-bot and Anti-Virus can not update,and will always keep the same old version.
3.App&URL will can not be used, because App&URL can not lookup the domain or url,although app&url signature library can be updates through SMS.
4.Others blades feature should be used normal.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events