Hi,
I'm setting up a network for interactive signage terminals (wayfinding) in a hospital and I want to secure it. I'm using version 24.1. The idea is to isolate the touch screens on a dedicated VLAN so that they don't interfere with the medical network. What do you recommend for the output rules? Pure FW or should I go through a proxy? I'm a little worried that Suricata will mess up the map update flows. If anyone has already managed this kind of network on this version, I'd love to hear your feedback.
Thanks!
Just a question:
OpnSense 24.1 is - as the name suggests - two years old and since it is a CE version, will get no security updates any more (and also has not gotten them in a long time).
Are you sure you want to use it in an environment where sensitive patient data and/or medical equipment is involved? I understand that you want to separate out touch screens for a less security-related application, but the keyword here is "separate".
Or are you just telling us OpnSense 24.1 is still in use in that environment and you want to add another application? Because that would be just as bad...