I recently heard about this OPNsense plugin called Sensei, which by the sounds of it basically adds all sorts of network protection tools as well as extra web filtering to your installation. Is this like Suricata on steroids? Would Sensei replace all its functionality making Suricata unnecessary, or could the two work side-by-side?
I run them side by side, suricata on my WAN connections and Sensei on my LAN connections. Suricata is doing intrusion detection/prevention so it's better suited for the WAN side. Sensei is more client focused on it's implementation and not really designed to sit on the WAN side.
OK, maybe I'll run both together and see how it goes. Thanks :)
The basic difference: Suricata is a lot of work, Sensei is sit down and relax. I don't have (permanently) open ports on my firewall, so I don't need Suricata.