Dear, this topic is very interesting to me...I have the same scenario: Internet Router --- PFsense ---- Corporate Firewall
1) Is it possible to have just 2 interfaces in Pfsense in order to setup an IPS ??? 2) Isn't it the best way to setup a bridged firewall ad Roberto said ??? Because I need to maintain the corporate firewall, and I want Pfsense just for my IPS solution. Thanking in advance. JeLo On Mon, Sep 29, 2014 at 5:07 PM, Roberto Carna <[email protected]> wrote: > Ok, thanks > > 2014-09-29 16:58 GMT-03:00 Ivo Tonev <[email protected]>: > > On pfsense is click&go. No need to install everything. :) > > > > On Sep 29, 2014 4:46 PM, "Espen Johansen" <[email protected]> wrote: > >> > >> If all you want is a IPS then i dont undertand what you need pfS for? > >> There are tons of setup guides for a linux flavour of choice to get this > >> setup done. You can even build a hogwash like setup if you like. > >> > >> 29. sep. 2014 21:38 skrev "Roberto Carna" <[email protected]> > >> følgende: > >>> > >>> Ivo, I want to locate the IPS between the router and the corporative > >>> firewall, so I think to use bridge mode....is correct??? > >>> > >>> 2014-09-29 16:34 GMT-03:00 Ivo Tonev <[email protected]>: > >>> > I recomend to use in "router mode". > >>> > > >>> > On Sep 29, 2014 4:29 PM, "Roberto Carna" <[email protected]> > >>> > wrote: > >>> >> > >>> >> Ok, and do you recommend to setup the Pfsense WAN and LAN interfaces > >>> >> in bridge mode with firewall rules enabled ??? > >>> >> > >>> >> Really thanks, > >>> >> > >>> >> Roberto > >>> >> > >>> >> > >>> >> > >>> >> 2014-09-29 16:15 GMT-03:00 Espen Johansen <[email protected]>: > >>> >> > Depends on what you want. A splitt design is normaly better and > >>> >> > safer > >>> >> > then a > >>> >> > all in one box. If you want suricata +snorby and barnyard its not > >>> >> > recommended to run it all on pfsense. There are many deps. that > will > >>> >> > cause a > >>> >> > security nightmare and you will probably run out of hw resources > as > >>> >> > well. > >>> >> > > >>> >> > OK, thanks, the last please: > >>> >> > > >>> >> > Do you recommend to install an IPS in a Virtual Machine like > Vmware > >>> >> > ??? Because we have VMweare for all our servers. > >>> >> > > >>> >> > Regards, > >>> >> > > >>> >> > 2014-09-29 15:39 GMT-03:00 Anastasios Stefos > >>> >> > <[email protected]>: > >>> >> >> Roberto > >>> >> >> > >>> >> >> Here is a good place to start regarding Suricata or Snort. > >>> >> >> > >>> >> >> > >>> >> >> > >>> >> >> > >>> >> >> > http://www.linux.org/threads/suricata-the-snort-replacer-part-1-intro-install.4346/ > >>> >> >> > >>> >> >> > >>> >> >> > >>> >> >> --- > >>> >> >> Anastasios Stefos > >>> >> >> ´αίέν άριστεύειν > >>> >> >> > >>> >> >> On Mon, Sep 29, 2014 at 2:34 PM, Roberto Carna > >>> >> >> <[email protected]> > >>> >> >> wrote: > >>> >> >>> > >>> >> >>> Dear Ivo and people, just three short questions: > >>> >> >>> > >>> >> >>> 1) Using Suricata, can I enable the IPS mode as I can using > Snort > >>> >> >>> ??? > >>> >> >>> > >>> >> >>> 2) In IPS mode, do I have to have 3 interfaces in my server ??? > >>> >> >>> > >>> >> >>> 3) The only way to view the IPS blocking events is from into > >>> >> >>> Pfsense > >>> >> >>> or can I use Snorby ??? > >>> >> >>> > >>> >> >>> Thanks again, > >>> >> >>> > >>> >> >>> Roberto > >>> >> >>> > >>> >> >>> Thanks again, > >>> >> >>> > >>> >> >>> Roberto > >>> >> >>> > >>> >> >>> > >>> >> >>> > >>> >> >>> 2014-09-29 14:37 GMT-03:00 Ivo Tonev <[email protected]>: > >>> >> >>> > Use suricata > >>> >> >>> > > >>> >> >>> > On Sep 29, 2014 2:27 PM, "Roberto Carna" > >>> >> >>> > <[email protected]> > >>> >> >>> > wrote: > >>> >> >>> >> > >>> >> >>> >> Dear, I need to know if it's possible to setup Pfsense with > >>> >> >>> >> Snort > >>> >> >>> >> to > >>> >> >>> >> get an IPS (Intrusion Prevention System), and in this case > what > >>> >> >>> >> is > >>> >> >>> >> the > >>> >> >>> >> graphical interface used to view events and dropped traffic. > >>> >> >>> >> > >>> >> >>> >> Thanks a lot, > >>> >> >>> >> > >>> >> >>> >> Roberto > >>> >> >>> >> _______________________________________________ > >>> >> >>> >> List mailing list > >>> >> >>> >> [email protected] > >>> >> >>> >> https://lists.pfsense.org/mailman/listinfo/list > >>> >> >>> > > >>> >> >>> > > >>> >> >>> > _______________________________________________ > >>> >> >>> > List mailing list > >>> >> >>> > [email protected] > >>> >> >>> > https://lists.pfsense.org/mailman/listinfo/list > >>> >> >>> _______________________________________________ > >>> >> >>> List mailing list > >>> >> >>> [email protected] > >>> >> >>> https://lists.pfsense.org/mailman/listinfo/list > >>> >> >> > >>> >> >> > >>> >> >> > >>> >> >> _______________________________________________ > >>> >> >> List mailing list > >>> >> >> [email protected] > >>> >> >> https://lists.pfsense.org/mailman/listinfo/list > >>> >> > _______________________________________________ > >>> >> > List mailing list > >>> >> > [email protected] > >>> >> > https://lists.pfsense.org/mailman/listinfo/list > >>> >> > > >>> >> > _______________________________________________ > >>> >> > List mailing list > >>> >> > [email protected] > >>> >> > https://lists.pfsense.org/mailman/listinfo/list > >>> >> _______________________________________________ > >>> >> List mailing list > >>> >> [email protected] > >>> >> https://lists.pfsense.org/mailman/listinfo/list > >>> > > >>> > > >>> > _______________________________________________ > >>> > List mailing list > >>> > [email protected] > >>> > https://lists.pfsense.org/mailman/listinfo/list > >>> _______________________________________________ > >>> List mailing list > >>> [email protected] > >>> https://lists.pfsense.org/mailman/listinfo/list > >> > >> > >> _______________________________________________ > >> List mailing list > >> [email protected] > >> https://lists.pfsense.org/mailman/listinfo/list > > > > > > _______________________________________________ > > List mailing list > > [email protected] > > https://lists.pfsense.org/mailman/listinfo/list > _______________________________________________ > List mailing list > [email protected] > https://lists.pfsense.org/mailman/listinfo/list
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
