OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • Which ports to monitor with IPS ?
« previous next »
  • Print
Pages: [1]

Author Topic: Which ports to monitor with IPS ?  (Read 1709 times)

hushcoden

  • Hero Member
  • *****
  • Posts: 544
  • Karma: 23
    • View Profile
Which ports to monitor with IPS ?
« on: May 24, 2020, 12:16:35 pm »
I did search quite a lot but I couldn't find a definite answer: I've enabled IDS + IPS and I'm still not sure whether or not I should also monitor the WAN port or just LAN...

By searching about the subject, I did find who was saying yes and others saying that it would make no sense as the firewall will drop bad packets anyway...

I was hoping to get a definite answer from any of the security experts of the forum...

Tia.
« Last Edit: May 24, 2020, 12:18:10 pm by hushcoden »
Logged

binaryanomaly

  • Full Member
  • ***
  • Posts: 163
  • Karma: 9
    • View Profile
Re: Which ports to monitor with IPS ?
« Reply #1 on: May 24, 2020, 12:53:40 pm »
That depends on what you want to protect against.

1. Attacks from evil outsiders?
2. Constrain compromised clients/malware?

Following the logic that you may want to drop an unwanted packet the earliest possible it's both interfaces if you consider 1 and 2 valid scenarios.
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • Intrusion Detection and Prevention »
  • Which ports to monitor with IPS ?
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2