WaterByWind
commented
3 years ago FWIW a UDM (and UDM-Pro) already has IPS/IDS which is more advanced and includes similar functionality, so there should be no need for this to be used on a UDM.
Open dicolanl opened 3 years ago
WaterByWind
commented
3 years ago FWIW a UDM (and UDM-Pro) already has IPS/IDS which is more advanced and includes similar functionality, so there should be no need for this to be used on a UDM.
dicolanl
commented
3 years ago @WaterByWind fair, but it doesnt have the ability to dynamically update a list from a provider like this.
WaterByWind
commented
3 years ago The IPS/IDS solution on a UDM does indeed provide similar functionality, and in fact is far more advanced. This is likely why nobody has looked into providing similar to this solution.
If you are simply looking at using plain IP-based lists such as this then you are missing out using a much better solution. The same knowledge used to create the many IP-based lists used here is used more effectively by Suricata, at the heart of the UDM IDS/IPS.
I haven't looked at doing this on a UDM (for the reasons noted), but previously for a USG there had been changes that made this much more difficult (at best) and I would not expect the UDM to be any easier. Aside from duplicating the functionality already existing, attempts to do so may conflict with the native solution.
Anyone looked at making this work on UDM/UDMPRO?