Meraki

GrahamG · ‎Dec 14 2020

Have the FireEye Snort rules to detect SunBurst IOCs been incorporated into MX Advanced Security IDS/IPS?

DarrenOC · ‎Dec 14 2020

Hi Graham, look into your Event log on the MX and do a search for update. You’ll see that the snort rules have been updated quite a few times recently

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

View solution in original post

DarrenOC · ‎Dec 14 2020

Hi Graham, look into your Event log on the MX and do a search for update. You’ll see that the snort rules have been updated quite a few times recently

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

GrahamG · ‎Dec 15 2020

Thanks, Darren. I do see daily snort rule updates.

ChesterX · ‎Dec 19 2020

What "event type" do you search for to see this?

DarrenOC · ‎Dec 19 2020

Hi @ChesterX , see screenshot

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.

ChesterX · ‎Dec 19 2020

Thank you!

Meraki

Community

MX Advanced Security & SolarWinds breach

MX Advanced Security & SolarWinds breach

Advanced Security License

Solarwinds NPM snmp polling works somewhat

Advanced Malware Protection (AMP) retrospect alert

Security & SD-WAN - DHCP

Advanced Security license for MXs query.