Imunify360 & LFD
Forum
  1. Forums
  2. Imunify360
  3. Imunify360 and Imunify Sensor
  1. Ryan Smith
  2. Tuesday, 31 January 2017
  3.  Subscribe via email
One thing that's preventing us from testing Imunify360 on more servers is that we really depend on LFD's (part of ConfigServer Firewall) AUTHRELAY, LOCALRELAY and LOCALHOSTRELAY tracking to monitor for spammers, which is particularly useful on older servers where customer web applications may not always be up to date.

I'd like to use Imunify360's herd firewall, but still use LFD for monitoring of spammers.

Is there any way to make these play nicely together?
Rate this post:
  1. 31.01.2017 03:01:50
  2. # 1
Igor Seletskiy Accepted Answer
Posts: 1200
Joined: 09.02.2010
0
Votes
Undo
Our next version of Imunify360 (around a month from now) should integrate nicely with LFD/CXS. This way you will be able to get the best of both worlds.
  1. 31.01.2017 15:01:29
  2. # 2
Ryan Smith Accepted Answer
Posts: 32
Joined: 27.04.2016
0
Votes
Undo
That sounds great. Looking forward to it!
  1. 01.02.2017 09:02:08
  2. # 3
Posts: 18
Joined: 21.04.2011
0
Votes
Undo
Do you by the way plan features like this ?
Usually (90% - 10% it's phishing) when an account gets infected/hacked bots or malicious users are uploading mail scripts. And the usual Top #1 problem for us (My personal opinion of course) is dealing with outgoing mail spam.

CSF/LFD notifies us when someone / some script is sending mass mails (variable to send alert after x mails), localrelay, authrelay, and when the queue is above x limit.

When I get the warning I know something is wrong and start investigation. If not, usual outcome is server IP blacklisted in multiple RBLs -and other users can't send mails-, abuse mails from datacenters, IP block, or whole server block (for one account). So I believe it's crucial to know what's happening with outgoing mails and queues.
  1. 02.02.2017 05:02:32
  2. # 4
Trax-Takeshi Accepted Answer
Posts: 3
Joined: 02.02.2017
0
Votes
Undo
We are eager to go full throttle on Imunfiy360 if and when:


  • it is fully integrated with CSF
  • those exciting features like Malware Detection and Intrusion Detection and Protection System are functional
  • it is able to give you more incident report that you can actually use
  • and Web Applications Sandboxing



If Imunify360 can come out with these, it will be the ultimate game-changer.
I guess that these will be available with next release and looking forward to that.
  1. 07.03.2017 15:03:50
  2. # 5
Ryan Smith Accepted Answer
Posts: 32
Joined: 27.04.2016
0
Votes
Undo
I was informed by email that Imunify360 now supports CSF integration, however I don't see a way to switch back to using it.

Is the only way to uninstall Imunify360, reactivate CSF, and then reinstall Imunity360 to get the CSF integration working?
  1. 08.03.2017 13:03:49
  2. # 6
Rushan Accepted Answer
Posts: 0
Joined: 14.10.2019
0
Votes
Undo
I was informed by email that Imunify360 now supports CSF integration, however I don't see a way to switch back to using it.

Is the only way to uninstall Imunify360, reactivate CSF, and then reinstall Imunity360 to get the CSF integration working?


Hi! Since version 1.1.3 if user has Imunify360 agent running, he can just start csf (csf -e) and in about 30 seconds imunify360 will switch to csf integration mode. To check it, user can visit Firewall->White list page of Imunify360 UI and check if there is a "White list management disabled" warning.
  1. 08.03.2017 16:03:28
  2. # 7
Ryan Smith Accepted Answer
Posts: 32
Joined: 27.04.2016
0
Votes
Undo
Great, that worked. Support had told me to re-install which I thought was likely unnecessary.
  1. 08.03.2017 16:03:09
  2. # 8
Ryan Smith Accepted Answer
Posts: 32
Joined: 27.04.2016
0
Votes
Undo
Can you clarify exactly how the CSF integration works?

CSF/LFD takes back over as the main firewall and Imunify just handles your gray listed IPs for herd protection?
  1. 09.03.2017 06:03:21
  2. # 9
Rushan Accepted Answer
Posts: 0
Joined: 14.10.2019
0
Votes
Undo
Can you clarify exactly how the CSF integration works?

CSF/LFD takes back over as the main firewall and Imunify just handles your gray listed IPs for herd protection?


Yes, CSF acts as primary firewall and Imunify360 only maintains gray list. You can get more details here https://docs.imunify360.com/index.html?csf_integration.htm
  1. 07.04.2017 20:04:56
  2. # 10
Frank Doud Accepted Answer
Posts: 39
Joined: 21.08.2010
0
Votes
Undo
Our next version of Imunify360 (around a month from now) should integrate nicely with LFD/CXS. This way you will be able to get the best of both worlds.


I see no mention of integration with CXS. Has this been accomplished?

Thanks
  1. 10.04.2017 09:04:25
  2. # 11
Rushan Shaymardanov Accepted Answer
Posts: 0
Joined: 14.10.2019
0
Votes
Undo
I see no mention of integration with CXS. Has this been accomplished?

No integration with CXS is planned as imunify360 has all features CXS does.
  1. 20.04.2017 11:04:17
  2. # 12
WebJIVE Accepted Answer
Posts: 0
Joined: 14.10.2019
0
Votes
Undo
It would be nice for Immunify360 to have a CSF and CXS uninstall option. Once hosting companies like us are comfortable that I360 is on par with CSF triggers, alerts, etc. that we can sundown CSF and CXS.
  • Page :
  • 1


There are no replies made for this post yet.
Be one of the first to reply to this post!
Guest
Submit Your Response
Upload files or images for this discussion by clicking on the upload button below. Supports gif,jpg,png,zip,rar,pdf
• Insert • Remove Upload Files (Maximum File Size: 2 MB)
Captcha
To protect the site from bots and unauthorized scripts, we require that you enter the captcha codes below before posting your question.