- NG Firewall firmware versions 5.2.x
Distributing Intrusion Prevention System (IPS) patterns via Control Center or legacy Management Center
Unlike with single boxes, utilizing the IPS feature on centrally managed firewalls requires distributing the IPS patterns via the Control Center.
Since this feature is dependent on the licenses used there are four setup combinations that are possible.
Scenario 1: NG Control Center and NG Firewall
The IPS feature is included in the Energize Updates license.
When both the NG Firewall and the NG Control Center boxes have valid EU licenses, the IPS patterns can be distributed from the CC to the NGF without problems.
Scenario 2: legacy Management Center and NG Firewall
If you have an NG Firewall and wish to use IPS (provided it has an existing EU license), you will need a special ADD-IPS license on the Management Center.
Please contact your regional sales partner to get an ADD-IPS license for free.
Scenario 3: NG Control Center and legacy netfence Firewall
Legacy netfence firewalls need, similar to the MC above, a special license to utilize IPS, in addition to the EU license on the NG Control Center (Box Layer).
Unlike the ADD-IPS license, the IPS license for the legacy netfence firewalls requires a subscription fee. Please contact your regional sales partner for more information.
Scenario 4: legacy Management Center and legacy netfence Firewall
This combination requires both the netfence firewall license subscription for IPS, as well as the free ADD-IPS license for the MC.
To acquire the respective licenses, please contact your regional sales partner.
If you wish to know how to force the pattern updates from the Control Center, please refer to the screenshot below.
Behind the Set Area Config you can configure the proxy for the CC to utilize when connecting to the Barracuda Servers for new patterns.
Link to This Page: