Quick question, but probably one that betrays how little I actually understand Threat Prevention at the moment.
If I create a firewall rule that allows traffic from a range of IPs, will threat prevention just ignore those?
I use a particular remote desktop streaming service that's generating a metric ton of High Threat alerts and blocks. TP is identifying that traffic as shell code execution, and I don't just want to blanket tell it to "do nothing" for all shell code execution. I also don't want to keep creating TP rules for each specific random IP I end up connected to at the cloud service.
The firewall, on the other hand, lets me define rules for a range of IP addresses, unlike the TP package. If I allow a range, will TP just ignore those?
I'm not running any world-facing servers at the moment (except for the WAN-accessible SRM control to enable the Let's Encrypt cert to automatically update). Is it even worthwhile to have Threat Protection turned on if I have the firewall enabled? As much fun as it is to tinker with, it's a pain to have to keep tinkering with it to figure out how to get it to stop generating false positives. (Like, why has Synology not figured out a way to get it to stop flagging legit STUN traffic?)
If I create a firewall rule that allows traffic from a range of IPs, will threat prevention just ignore those?
I use a particular remote desktop streaming service that's generating a metric ton of High Threat alerts and blocks. TP is identifying that traffic as shell code execution, and I don't just want to blanket tell it to "do nothing" for all shell code execution. I also don't want to keep creating TP rules for each specific random IP I end up connected to at the cloud service.
The firewall, on the other hand, lets me define rules for a range of IP addresses, unlike the TP package. If I allow a range, will TP just ignore those?
I'm not running any world-facing servers at the moment (except for the WAN-accessible SRM control to enable the Let's Encrypt cert to automatically update). Is it even worthwhile to have Threat Protection turned on if I have the firewall enabled? As much fun as it is to tinker with, it's a pain to have to keep tinkering with it to figure out how to get it to stop generating false positives. (Like, why has Synology not figured out a way to get it to stop flagging legit STUN traffic?)