ET Telemetry Rules

spetrillo:
Hello all,

Is there a set of rules that I should be setting as Drop only, rather than waiting for the alert and then dropping it? Would like to get ahead of the malicious actors if I could. My firewall and Suricata stood up to a very large brute force attack a couple of days ago...yea!

Thanks,
Steve