Hi All, We are using PFSense as a Firewall in our production environment. For IDS/IPS, we have also installed Snort package into it. In Snort, there are two rulesets one from the Snort itself and other one from Emerging Threat. We have enabled Snort Community, Snort VRT Free and ETOpen.
We have users connected behind this Firewall. We are facing the issue like slowness in the internet. The images takes long time to load. When I disable block offenders, it works fine. But the purpose of doing this whole is to prevent users from the attacks/offenders. Is all the above ruleset needed for Intrusion Detection and Prevention ? How can I increase the performance and be secure in parallel ? If any one of the ruleset is good enough to secure from the intrusion, please suggest. Would be glad if get help on which categories to be block. If could get the list of high attacks category, will do. Looking forward for your early response. Regards, Yusuf
_______________________________________________ List mailing list [email protected] https://lists.pfsense.org/mailman/listinfo/list
