Ubiquiti, go write on the board 100 times, 'I must validate input data before using it'... Update silently breaks IDS/IPS

Ubiquiti got a lesson in never blindly trusting external input this month.


Its intrusion detection and prevention system (IDS/IPS) feature on its gateway hardware fetched a broken set of rules from an outside source, and rather than reject the invalid data and fall back to the last known-good ruleset, it simply and silently stopped working.


Thus users were none the wiser that the network security mechanism had failed and was no longer doing its job of alerting folks to malicious activity, in the case of IDS, or blocking it, in the case of IPS.


The IDS/IPS functionality is said to be built on the open-source Suricata tool, and is branded by Ubiquiti as its Threat Management.
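The fallback the article says was missing is cheap to build: validate the fetched ruleset before loading it, and if it does not pass, keep running the previous rules and say so loudly. The following is an added example (not Ubiquiti's Threat Management code and not Suricata's rule loader); the rule-shape check is a deliberately simplified, constructed subset of Suricata's rule syntax, and the two sample feeds are made up.

```python
"""Accept an externally fetched IDS/IPS ruleset only if it validates;
otherwise keep the last-known-good set and report the failure rather
than silently running with zero rules.

Added example: the structural check below is a constructed subset of
the Suricata rule format, not the real parser."""
import logging
import re

log = logging.getLogger("rule_update")

# Simplified shape of a Suricata rule (assumption, not the full grammar):
#   <action> <proto> <src> <sport> <dir> <dst> <dport> ( <options> )
RULE_RE = re.compile(
    r"^(?P<action>alert|drop|reject|pass)\s+(?P<proto>\w+)\s+\S+\s+\S+\s+"
    r"(?P<dir>->|<>)\s+\S+\s+\S+\s*\((?P<opts>.*)\)\s*$"
)
# Options every rule is required to carry in this example.
REQUIRED_OPTS = ("msg:", "sid:")


def parse_ruleset(text):
    """Return (rules, errors).

    A line is kept as a rule only if it matches the structural pattern and
    carries all REQUIRED_OPTS; anything else is recorded as an error with
    its line number so the rejection can be explained, not just counted."""
    rules, errors = [], []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments are not rules
        m = RULE_RE.match(line)
        if m is None:
            errors.append(f"line {lineno}: malformed rule: {line[:60]!r}")
            continue
        missing = [o for o in REQUIRED_OPTS if o not in m.group("opts")]
        if missing:
            errors.append(f"line {lineno}: missing {', '.join(missing)}")
            continue
        rules.append(line)
    return rules, errors


def apply_update(current_rules, fetched_text):
    """Decide what the engine should run after a rule fetch.

    Returns (rules_to_load, status): status is 'updated' when the new set
    is accepted, or 'kept_previous' when it is rejected. A rejected update
    is logged at ERROR so monitoring can alert on it; an empty feed is
    treated as a failure too, since a ruleset of zero rules means the
    engine would inspect traffic but never fire."""
    new_rules, errors = parse_ruleset(fetched_text)
    if errors or not new_rules:
        log.error("rule update rejected (%d errors, %d rules parsed); "
                  "keeping %d previous rules",
                  len(errors), len(new_rules), len(current_rules))
        for err in errors:
            log.error("  %s", err)
        return current_rules, "kept_previous"
    log.info("rule update accepted: %d rules", len(new_rules))
    return new_rules, "updated"


# Constructed sample feeds; the sids and messages are made up.
GOOD_FEED = """\
# example feed
alert tcp any any -> any 22 (msg:"EXAMPLE ssh probe"; sid:9000001; rev:1;)
drop tcp any any -> any 23 (msg:"EXAMPLE telnet"; sid:9000002; rev:1;)
"""
# Second line is truncated mid-rule, third line has no sid.
BROKEN_FEED = """\
alert tcp any any -> any 22 (msg:"EXAMPLE ssh probe"; sid:9000001; rev:1;)
alert tcp any any -> any 80 (msg:"EXAMPLE truncated download
alert tcp any any -> any 443 (msg:"EXAMPLE no sid";)
"""

if __name__ == "__main__":
    logging.basicConfig(level=logging.INFO)
    loaded, _ = apply_update([], GOOD_FEED)
    loaded, status = apply_update(loaded, BROKEN_FEED)
    print(status, len(loaded))  # kept_previous 2
```

The important design choice is in `apply_update`: the decision to reject is made before anything is handed to the engine, the previous ruleset is returned unchanged, and the rejection produces an ERROR-level log line that a monitoring pipeline can turn into an alert. Whether a feed is "broken" because of a truncated download or a malformed rule, the outcome users see is the same: the old protections stay in force and someone is told the update failed.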


This is a beta service for the network gear maker's UniFi Dream Machine (UDM) ..
