What does the firewall setting "use passive detection mode" do?

The new firewall setting "use passive detection mode" that has something to do with the DHCP-traffic makes me clueless of what it really is and what it does. If someone could please explain I would be really happy :)


  • any updates
  • Zboncak69
    edited August 9

    An IDS can only detect an attack. It will respond after detecting an attack, and IDS responses can be either passive or active. If you’re planning to take the Security+ exam, you should have a basic understanding of appropriate tools and techniques to discover security threats and vulnerabilities.

    edit:link deleted

  • Hello,

    The DHCP interception is for detecting devices entering the network (example: your home wifi).

    This serves two purposes: 1: vulnerability scanning and 2: if one owns a subscription with free slots and a new device supporting one of our products is connecting into the network, we suggest installing protection on it.

    The new setting - default OFF - is to use only the light detection on DHCP port. Previously more traffic was analyzed but we come up with this split into lighter (OFF) and heavier (ON) device detection - the latter being for certain users running custom DHCP server software on their machines.