search cancel

SDCS-SA 6.0 Mixing of wildcard(*)in a single octet should fail policy translation but is currently is not.


Article ID: 159035


Updated On:


Critical System Protection Client Edition Data Center Security Server Advanced


1)edit a 6.0 policy with basic protection strategy
2)Navigate to global network rules
3)Under inbound components, specify a an ip with mixing of wildcards as
10.2*1.*.2*5 under global inbound address lists
4)under network rule specify the remote ip as global inbound hosts component
5)save and apply the policy to the agent

Expected: Policy translation should fail with wildcard mixing in an octet,
10.2*1.*.2*5 gets resolved under minus file, no translation error if the
wildcard is mixed with other characters i.e. 10.2*1.*.2*?5

Observed: Policy translates  successfully.


There is no error but the rule in the policy will not work correctly.


Do not use mutliple wildcards for IP addresses in SCSP IPS policies even if the UI allows you to do so.