Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    ETPro and ET Intelligence download servers will be migrating to AWS

    Scheduled Pinned Locked Moved IDS/IPS
    2 Posts 2 Posters 218 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • everfreeE
      everfree
      last edited by

      Dear ETPro and ET Intelligence Community,

      As part of our ongoing work to improve our infrastructure, we will be migrating our Rule Download infrastructure for ETOpen, ETPro and ET Intelligence Replist to a more robust, globally distributed implementation. For most users, no action will be required to take advantage of these improvements.

      What Changing?:

      We will be migrating the Download Servers (rules.emergingthreats.net and rules.emergingthreatspro.com) from a hosted implementation to a globally distributed implementation.
      The IP Addresses of the download servers will be migrating to AWS IP: https://docs.aws.amazon.com/general/latest/gr/aws-ip-ranges.html

      When are the changes taking place?

      Announcement: 6/9/2020
      Initial Cutover: 7/9/2020
      We will be migrating the traffic with a increasing % every day between 7/9/2020-7/22/2020
      Completion: 7/23/2020
      Old rule servers will be retired and no longer accessible.

      1 Reply Last reply Reply Quote 0
      • bmeeksB
        bmeeks
        last edited by bmeeks

        Snort and Suricata both use the rules.emergingthreats.net and rules.emergingthreatspro.com URLs for downloading ET rules, so there should be no impact. They are not using any hard-coded IP addresses.

        However, users running other packages with large IP blocklists (in particular pfBlockerNG or pfBlockerNG-devel) will need to scour the IP lists being used by that package to be sure the AWS infrastructure IP ranges that get assigned to Emerging Threats are not on a block list. Some of those lists can be overly broad at times and block legitimate traffic.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.