What’s New in the IPS Signature Converter Plugin 1.0.7
Table of Contents
Expand all | Collapse all
-
-
-
-
-
- Features Introduced in Enterprise Data Loss Prevention 4.0.3
- Known Issues in Enterprise DLP Plugin 4.0.3
- Features Introduced in Enterprise Data Loss Prevention 4.0.2
- Known Issues in Enterprise DLP Plugin 4.0.2
- Features Introduced in Enterprise Data Loss Prevention 4.0.1
- Known Issues in Enterprise DLP Plugin 4.0.1
- Features Introduced in Enterprise Data Loss Prevention 4.0.0
- Known Issues in Enterprise DLP Plugin 4.0.0
-
- Features Introduced in Enterprise Data Loss Prevention 3.0.8
- Features Introduced in Enterprise Data Loss Prevention 3.0.7
- Features Introduced in Enterprise Data Loss Prevention 3.0.6
- Features Introduced in Enterprise Data Loss Prevention 3.0.5
- Features Introduced in Enterprise Data Loss Prevention 3.0.4
- Features Introduced in Enterprise Data Loss Prevention 3.0.3
- Features Introduced in Enterprise Data Loss Prevention 3.0.2
- Features Introduced in Enterprise Data Loss Prevention 3.0.1
- Features Introduced in Enterprise Data Loss Prevention 3.0.0
- Known Issues in Enterprise Data Loss Prevention 3.0.8
- Known Issues in Enterprise Data Loss Prevention 3.0.7
- Known Issues in Enterprise Data Loss Prevention 3.0.6
- Known Issues in Enterprise Data Loss Prevention 3.0.5
- Known Issues in Enterprise Data Loss Prevention 3.0.4
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 3.0.3
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 3.0.0
-
- Features Introduced in Enterprise Data Loss Prevention 1.0.8
- Features Introduced in Enterprise Data Loss Prevention 1.0.3
- Features Introduced in Enterprise Data Loss Prevention 1.0.1
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.8
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.7
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.6
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.4
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.3
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.2
- Known Issues in Enterprise Data Loss Prevention (DLP) Plugin 1.0.1
- Features Introduced in the Enterprise Data Loss Prevention (DLP) Cloud Service
- Limitations
-
-
What’s New in the IPS Signature Converter Plugin 1.0.7
Learn about the enhancements in the IPS Signature Converter plugin 1.0.7.
The IPS signature converter version 1.0.7 introduces the following
capabilities:
Feature | Description |
---|---|
Support for Startswith and
Endswith keywords | For better coverage of threats identified by Suricata rules, the
converter now supports the following payload keywords:
The startswith and endswith
keywords are ignored to prevent false-postives that might
occur [due to pattern match discrepancies].Both keywords accept no arguments and must follow the
content keyword.Example usage for startswith , which modifies the
content to match at the start of the buffer:
startswith is shorthand notation for:
Example usage for endswith , which modifies the
content to match at the end of the buffer:
|
Support DNS protocol and keyword dns_query | For coverage of DNS-based threats contained in DNS requests, you
can now convert Snort and Suricata rules that use the DNS
protocol, which can be used in conjunction with the new keyword
dns_query to inspect DNS request
queries.The dns_query keyword requires the
installation of content update 8770-8365 or later. Refer to
Install Content
Updates for more information about installing the
Applications and Threats content update package.Example rule to detect DNS queries contained in DNS traffic:
|