dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
704
share rss forum feed

hardstyler

join:2013-02-17
italy

idp signatures: XP/2000 for who has only windows 7/8?

Hi all!

As the title: zyxel IDP signatures provided are for many OS but a a question: if you in your network use only windows 7/8 x64 OS you must let active the XP/2000 signatures? then, are this signatures valid to protect windows 7/8 or they are unusefull?

No doubt with linux signatures cause if you in your lan have no linux OS you have it in your Zyxel USG and you must let them ON.


Kirby Smith

join:2001-01-26
Derry, NH
Reviews:
·Fairpoint Commun..

I interpret this question to be asking whether one can filter the IDP signatures to just those that apply to various OS on a particular LAN.

The problem is that new IDP signatures occur daily or weekly, so performing such filtering would be an endlessly repetitive task. It is unclear how much bandwidth performance increase might result. From a labor point of view, it seems plausible that working overtime to pay for a higher performance USG (and its IDP signatures) would require less time than one would spend in a year filtering IDP signatures.

kirby


hardstyler

join:2013-02-17
italy

not the right interpretation but yes everytime they give new signatures you must choose singularly and set or deactivate but I'm doing this for two years cause the number of signatures updates are only 90 (higher number of signatures of course) and everytime I set every signature to drop and log alert: no problem!

what I was saying is if the idp signatures that consider as platforms as windows xp and 2000 will block some intrusions also when a network uses only windows 7 or windows 8. if they are all related to only that old windows versions then the real number of interesting signatures are only 1400 and not 2220. I deactivated all very low and low signatures for about 500 signatures and obtained an increase of the download speed of 150 KB/s, very low advantage but consider a zyxel usg 100 with all utm services active can filter max 22/24 Mb/s.


JPedroT

join:2005-02-18
kudos:1
reply to hardstyler

You need to look at each signature, cross check it with patched stuff in Win 7/8 to see if those issues are still present or not. In addition you need to find out if ZyXEL adds Win 7/8 signatures under the XP/2000 group or not.
--
"Perl is executable line noise, Python is executable pseudo-code."


hardstyler

join:2013-02-17
italy
reply to hardstyler

great idea, not really fast to check but is great!

And there are no windows 7/8 groups of signatures and, yes, this is the cause of my question ;D

I try to ask directly to Zyxel but in some thread in this forum I read something as "Zyxel needs and improvement in performance and in new OS support" so it sounds bad... Hope they'll sell new utm appliances but for the right price!


hardstyler

join:2013-02-17
italy
reply to hardstyler

someone received an e-mail today from zyxel about new IDP signatures update?

I was surprised: they say now IDP 3.0 finally!!! someone here linked a thread in the german forum talking about the upgrade of the idp, firmware and more for the USGs.... and number of signatures are 15 thounsands!!!! really????? 15000??? Sincerely I am worried if the signatures of idp are now 15000 cause if the firmware is not really optimized (extremely optimized) how much will be the throughput??? 1 KB/s? till now the idp signatures are 2300 but in the past when I deactivated low, very low and old OS signatures for the total of 470 signatures I obtained 100 KB/s more in download....what about 12700 more??? I'm worried but really curious when the firmware 3.3 will be out, anyone with certified news?