Generate Secure Firewall Recommendations in Snort 3: Upgrade Scenarios
Starting or stopping the use of Secure Firewall recommendations may take several minutes. It depends on the size of your network and intrusion rule set.
Generate the Secure Firewall recommendations for the intrusion policy. Follow the steps for the upgrade scenarios described in the procedure.
Before you begin
Secure Firewall recommendations have the following requirements:
-
Firewall Threat Defense License—Threat
-
Classic License—Protection
-
User Roles—Admin or Intrusion Admin
-
Ensure that hosts are present in the system to generate recommendations.
-
Protected networks configured for recommendations should map to the hosts present in the system
Procedure
| 1 |
Upgrade from 6.5+ to 7.1.
|
||
| 2 |
Displays the Snort 2 to Snort 3 Sync summary details:
You can also download the summary details.
|
||
| 3 |
Considering an Upgrade Scenario 2: Upgrade from 6.5+ to 7.0 to 7.1 - First upgrading to 7.0: |
||
| 4 |
Choose and identify the intrusion policy that is out-of-sync. |
||
| 5 |
Click the Sync icon (
|
||
| 6 |
Read through the summary and download a copy of the summary if required. |
||
| 7 |
Considering there are no recommendations in 7.0 and Snort 2 recommendations are migrated as the rule overrides in 7.0. |
||
| 8 |
Displays the Migrated Overrides details:
You can also download the summary details.
|
||
| 9 |
Upgrade from 7.0 to 7.1: |
||
| 10 |
For a 7.0 Firewall Management Center with Snort 2 Rule Recommendations, after upgrade to 7.1, you will be notified with a sync summary message. |
).
) ).What to do next
Deploy configuration changes; see Deploy Configuration Changes.