Dear, do I have to have 3 network interfaces or 2 interfaces are enough to implement the IPS??? Because I think I'll have 1 promiscuos WAN, 1 promiscuos LAN and 1 management.
The Pfsense firewall has to be setup as BRIDGE if want to put it between the router and the corporate firewall ??? Special thanks, JeLo On Mon, Sep 29, 2014 at 5:35 PM, compdoc <comp...@hotrodpc.com> wrote: > > Here is a good place to start regarding Suricata or Snort. > > > > > http://www.linux.org/threads/suricata-the-snort-replacer-part-1-intro-install.4346/ > > > Is the free to use version of Snort going away? I scanned the page > mentioned above but it seems unclear. > > > > Suricata sounds like an excellent replacement given the advanced features, > but I have to say Snort is doing a fine job for us. > > > > I use the free Registered User rules and the free Emerging Threats rules, > and Snort is busy blocking port scans and all kinds of activity, while not > bothering/blocking our user's activity. > > > > Not that we rely solely on Snort - no unnecessary ports are listening to > the web. No management ports like 22 are open. > > > > Anyway, Snort doesn’t use much cpu time for our 30 user office, and > pfSense makes it (kinda) easy to use. Until Suricata arrives for pfSense, I > think its fine. > > > > By the way, if you have a decent speed quad-core server with at least 8GB > ram, you can easily run pfSense, Suricata, and whatever else side by side > in virtual machines. > > > > > > _______________________________________________ > List mailing list > List@lists.pfsense.org > https://lists.pfsense.org/mailman/listinfo/list >
_______________________________________________ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
