Messages

Thanks to all for the advice, it was helpful.

Thanks. That was what I was thinking.  Just wanted to know if anybody had any of the catergories that was a must have no matter what was behind the firewall.  I am going to go through each one and see which ones will work best for me.  I don't think that most will apply as I will only have desktop users behind the firewall and only one LAMP server that will be exposed to the web. I should be able to have a pretty streamlined IPS system. 

Again any advice is helpful though.

Hi,

Am new to opnsense (coming from other sense), and so far I lie it, but I need a little guidance or IDS versus IPS, I am having trouble understating which would be better for my setup.  The setup is as follows:

Private school with around 180 students and 27 staff.  Internet is 500Mbs up and down (Centurylink FiberPlus).  Each student has a tablet or chromebook and teachers have either a desktop or laptop.  There is one server (Windows 2016) with a CentOS 7 vm that runs OTRS helpdesk which will be internet facing. Based on this, do I need IDS/IPS and if so, which rulesets make the most sense to start off with?

The firewall hardware is a Partaker 1u i5-3317u with 6 Ethernet, 4GB Ram and 128 SSD. 

I have used snort on the other sense, but I just enabled at the ETs, which was probably not smart, but it seems that what most suggested.  Any input/advise would be very helpful.

Thanks in advance