So we just got some Threat and URL licensing. Going through docs and some trials, I see that when there is a new SRU or VDB update, the policy deployment can cause Snort restarts causing traffic disruption.
How do you handle this? I mean, if I have to keep updated, I need a weekly maintenance window disrupting traffic at our DC's. Our interfaces are routed, so based on docs, new connections are dropped until snort comes back up.
No comments:
Post a Comment