IDS/AV rules update interval

gthpl
Just browsing

IDS/AV rules update interval

Hello,

 

How often are the IDS rules updated? Where to check when the last update occurred?

 

In the event log you can see that the rules update about every week. Is this often enough? The rules are updated daily on the SNORT website.

 

What about AMP rule updates?

 

Greetings

3 REPLIES 3
jdsilva
Kind of a big deal

Hey @gthpl . Rules are updated every interval set, per interface, on the Security & SD-WAN > SD-WAN & traffic shaping page. 

 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/SD-WAN_and_Traffic_Shaping#List_upd...

 

image.png

SoCalRacer
Kind of a big deal

Not a specific answer but some good info regarding the question.

 

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Threat_Protection

PhilipDAth
Kind of a big deal
Kind of a big deal

SNORT rule updates appear in the event log.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels