OPNsense Forum

Archive => 23.1 Legacy Series => Topic started by: bmt on July 04, 2023, 02:32:15 pm

Title: Suricata ET Pro & Zenarmor combo vs Mimecast
Post by: bmt on July 04, 2023, 02:32:15 pm

Hi

The environment is a campus network with 6 sites, all connected wirelessly to the main site where the Opnsense firewall and internet breakout is.

I have a client using Mimecast S1 for email and phishing security (onsite Exchange server), but we're looking for alternatives. Does anyone have any experience using Suricata ET Pro and/or Zenarmor Business? Will it provide the same/better level of protection?

TIA

Title: Re: Suricata ET Pro & Zenarmor combo vs Mimecast
Post by: wizdude on July 06, 2023, 03:10:35 pm

these are different animals.

Mimecast provides e-mail security by blocking spam and malicious content and by sandboxing potential threats for isolated testing.

Proofpoint ET PRO, Suricata, Zenarmor, Crowdsec etc provide internet security by blocking potential threats both for clients accessing malicious hosts and threat actors trying to get into your publically accessible servers.

they both solve a different problem.

i use both of these and would recommend this combination

pro-tip: Don't get rid of Mimecast. It's top shelf. Don't believe that you can get better for cheaper. i have a whole variety of clients using a whole bunch of different mail security products and Mimecast is clearly the best by a mile.

cheers, Wiz!!

Title: Re: Suricata ET Pro & Zenarmor combo vs Mimecast
Post by: bmt on July 15, 2023, 03:13:03 pm

Thank you for that clarity. Yes I agree that Mimecast is amazing, however, my client hasn't had the best experience (due to the previous integrator) so now that I'm taking over the environment, they've asked for alternatives. Using a combination of Suricata/Zenarmor and Mimecast will not be possible due to budget, but I may just scale down their unnecessary Mimecast adding, and take just S1 with Suricata/Zenarmor.