Stonesoft evasion techniques use a combination of TCP segmentation and MS-RPC fragmentation as well as manipulation of TCP window size and congestion control. For details refer to CERT-FI advisory (FICORA #487536).
No IPS update or patches are required.
Customers that use the recommended IPS profile in prevention mode are protected.
Customers that do not use the recommended profile, should verify that "MS-RPC over CIFS Fragmentation" protection in IPS is enabled.
This solution is about products that are no longer supported and it will not be updated