I'm a Paranoid Security Guy™
I looked at https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Threat_Protection and am concerned that an IDS ruleset that "contains rules that are from the current year and the previous three years, are for vulnerabilities with a CVSS score of 8 or greater" plus 5 categories of rules won't be sufficient to protect us.
What happens when an attacker tries to exploit a vulnerability that is 2 years old and has a CVSS score of 7? Or a vulnerability that is 5 years old and rates as 10?
Looking for any advice you may have. Thanks in advance.
Solved! Go to Solution.
I agree with you.
However, it's not just about missing the +3 year-old patch - it's the 2 year-old that scores a 7.
As @jdsilva says, seriously, if you haven't patched the systems within 2 years you have another problem.
Well, this hasn't been helpful.
I was hoping for some insight so I could counter the argument that is coming from other suppliers that Meraki rule sets are too small to combat threats that a modern enterprise would face.
Perhaps you should consider Cisco Firepower (like a 2110 appliance or an ASA 5516) if you want a lot of control. They let you turn every knob you can think of.