yes, using new rules via test ips good best practice as well.
> On 6 Feb 2015, at 16:47, Darden, Patrick <patrick.dar...@p66.com> wrote: > > > Auto-Update can cause problems. I take the stance that updates should be > verified in a CERT or ISO first, before being operationalized. > --p > > -----Original Message----- > From: Colin Johnston [mailto:col...@gt86car.org.uk] > Sent: Friday, February 06, 2015 10:46 AM > To: Darden, Patrick > Cc: Colin Johnston; Roland Dobbins; nanog@nanog.org > Subject: [EXTERNAL]Re: Checkpoint IPS > > Yes, update can cause problems, same as router code updates as well. > but update is price of progress. > > Col > >> On 6 Feb 2015, at 16:44, Darden, Patrick <patrick.dar...@p66.com> wrote: >> >> >> Sorry, didn't mean to imply otherwise. Had an incident back in ~2004 where >> an IPS signature update closed ALL network traffic. Including fix-it >> updates. Definitely a case where the IPS caused major difficulties for a >> network. >> >> --p >> >> -----Original Message----- >> From: Colin Johnston [mailto:col...@gt86car.org.uk] >> Sent: Friday, February 06, 2015 10:32 AM >> To: Darden, Patrick >> Cc: Colin Johnston; Roland Dobbins; nanog@nanog.org >> Subject: [EXTERNAL]Re: Checkpoint IPS >> >> Thought I would add >> >> Astaro IPS works great, great functionality and does prevent ddos and >> exploits. >> >> Colin >> >