[Emerging-updates] Proofpoint Announcing End of Support for Suricata version 2 and 3 - 4/15/2020

Richard Gonzalez rgonzalez at emergingthreats.net
Wed Oct 16 11:50:34 HDT 2019


Greetings!





The Proofpoint Emerging Threats team is announcing end of Support for
Suricata version 2 and 3 on April 15th 2020.  We appreciate that this may
lead to changes within our customer's environments, so we wanted to ensure
we gave ample notice.  We will of course continue to support Suricata 4,
Suricata 5, and Snort 2.9.0 on a continuing basis.



Note that you can read the official Suricata EOL policy here:
https://suricata-ids.org/about/eol-policy/
<https://suricata-ids.org/about/eol-policy/>
EOL policy | Suricata <https://suricata-ids.org/about/eol-policy/>
Suricata has a fast 'release quickly, release often' development model
where we do two major releases a year. In our version scheme of 'x.y.z'
(e.g. 3.2.1, 4.0.0), we bump 'x' once a year. Additionally, we bump 'y'
once a year as well. We consider both pretty major releases, where the 'x'
has more room for breaking changes, even…
suricata-ids.org

Suricata 2 and Suricata 3 have not been officially supported by the OISF in
several years each; however the ET team provides extended support for the
ETPro/ETOpen ruleset on these platforms in addition to supporting the
newest engines.  This includes QA of all rules that we produce on all
platforms that we support for each export.  In order to keep delivering
world class signatures that support the latest features and functionality
of the new engines, we need to deprecate the legacy EOL engines from time
to time.



Emerging Threats historically did not release a ruleset which supported the
specific feature-set of Suricata 3.x. The detection logic found in the
Suricata 2.0 rules was deemed efficient enough to continue providing
best-in-class threat detection for our users. In discussing with our
community the EOL of the 2.0 ruleset within 90 days, it became apparent
that it would also send our users who are using Suricata 3.x engine to EOL.
We would like to provide some additional time for users on Suricata 3.x to
upgrade, so we have decided to extend the EOL until (April 15th 2020).





*So, what's changing? *

On (April 15th 2020) we will cease writing, vetting, and curating new
Suricata rules for Suricata 2.

*Links to download our Suricata 2 and Suricata 3 rules will instead point
to our documentation page.*  We will not deprecate these links or upgrade
to higher versions - they will simply cease to function as download links
and point instead to the documentation page where we have detailed our
supported rulesets and our formal support specifications.



*What's not changing?*

We are continuing our support for Suricata 4 and Suricata 5, as well as
Snort 2.9.0.  Upon availability of Snort 3.0 we will evaluate support for
that as well.



We will continue to solicit feedback on our email address, our twitter
account, and our feedback forum.



Thank you for your continued support - it aids us in ensuring we are
accurately assessing the landscape and producing high-quality detection
content.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.emergingthreats.net/pipermail/emerging-updates/attachments/20191016/834cfb35/attachment.html>


More information about the Emerging-updates mailing list