Show Posts
1
Hardware and Performance / OPNSense + Suricata (or Snort) - what hardware?
« on: June 19, 2023, 08:28:57 am »
Hi all,
Completely new to OPNSense and have basic technical skills. This is a bit of a step into uncharted territory for me (thankfully that's not true because this community undoubtedly has the charts!)
Current setup:
FTTC - ISP router in bridge mode then my commercial NG Firewall with NAS connected by cable and everything else connecting via Mesh WiFi.
My FW is 8 years old and has just started showing early signs of maybe flaking out so I though it was time to consider a replacement. Research has pointed me to OPNSense with either Suricata or Snort (which is what my current FW uses) to do the IPS/IDS
I was looking at the Protectli Vault FW4B but reading through their buyers guide they suggest the FW6 series if you're using IPS/IDS
It's a fair jump up in price and I really don't need 6 ports but would like a small form factor fanless device.
I will be using VPN occasionally as well when using public WiFi but it's infrequent.
So, I guess the question is whether the FW4B would actually be sufficient and Protectli are playing safe with their recommendation or if there's other hardware that I should be looking at?
I did also see the Qotom q750g5 as an option but it doesn't seem to be available in the UK.
I don't want to cheap out, but I also don't want to waste money overspeccing the HW unnecessarily.
Thanks for your opinions, in the meantime I'll go off and research whether I should be using Suricata or Snort!
Completely new to OPNSense and have basic technical skills. This is a bit of a step into uncharted territory for me (thankfully that's not true because this community undoubtedly has the charts!)
Current setup:
FTTC - ISP router in bridge mode then my commercial NG Firewall with NAS connected by cable and everything else connecting via Mesh WiFi.
My FW is 8 years old and has just started showing early signs of maybe flaking out so I though it was time to consider a replacement. Research has pointed me to OPNSense with either Suricata or Snort (which is what my current FW uses) to do the IPS/IDS
I was looking at the Protectli Vault FW4B but reading through their buyers guide they suggest the FW6 series if you're using IPS/IDS
It's a fair jump up in price and I really don't need 6 ports but would like a small form factor fanless device.
I will be using VPN occasionally as well when using public WiFi but it's infrequent.
So, I guess the question is whether the FW4B would actually be sufficient and Protectli are playing safe with their recommendation or if there's other hardware that I should be looking at?
I did also see the Qotom q750g5 as an option but it doesn't seem to be available in the UK.
I don't want to cheap out, but I also don't want to waste money overspeccing the HW unnecessarily.
Thanks for your opinions, in the meantime I'll go off and research whether I should be using Suricata or Snort!