Announcement

Collapse
No announcement yet.

imunify360-agent 3rdparty conflicts

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • imunify360-agent 3rdparty conflicts

    I ran imunify360-agent 3rdparty conflicts
    got this
    {'scan_inotify_cxswatch_daemon': True, 'csf_dos_protector': True, 'smtp_blocking_CSF_block': True, 'smtp_blocking_enable': True}
    do it mean that its true I have conflics?
    if yes how to solve it.
    I have CXS, CSF, ClamAV and Maldet

  • #2
    Hello there,

    Thank you for bringing us all your questions.

    We recommend disabling CXS, ClamAV, and Maldet on your server since it may cause conflicts with IM360, other than that, the CSF works fine with IM360 since has an integration between them, so you might keep it enabled safely. Just make sure of enabling the integration for CSF (it's enabled by default though)

    Code:
    # imunify360-agent config update '{"CSF_INTEGRATION": {"catch_lfd_events": true}}'
    Imunify360 engine looks at CSF_INTEGRATION.catch_lfd_events, therefore the events exposed by CSF are used as the source for blocking IPs. It works harmoniously with Imunify avoiding conflicts with firewall rules, and also keeping cooperation with other attack-mitigation subsystems and heuristics. It's recommended for most similar environments.

    See full details at: https://docs.imunify360.com/ids_inte...ds-integration

    Comment


    • #3
      Thank You
      Mitch

      Comment


      • #4
        Followed your suggestions and now this is left
        {'csf_dos_protector': True, 'smtp_blocking_CSF_block': True, 'smtp_blocking_enable': True}
        in 360 settings SMTP Traffic Management and DoS Protection are grayed out

        Mitch

        Comment


        • #5
          Yes, it's expected, because as you have the CSF side running with Imunify, the DOS protections and SMTP management are fully managed by CSF, not IM360, however, due to the catch_lfd_events integration, IM360 will check the events exposed via LFD and keep the IM360 ipset lists and stats in sync with CSF. It's strategically done to avoid double-resource consumption and false positives blocking requests.

          Have an excellent Friday, and the weekend is just upcoming,

          Comment

          Working...
          X