Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IPS Suricata - Strange Behavior
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPS Suricata - Strange Behavior (Read 1844 times)
diogossilva
Newbie
Posts: 1
Karma: 0
IPS Suricata - Strange Behavior
«
on:
February 28, 2022, 05:28:15 pm »
Hello guys,
We are new at this system and we are noticing some strange behavior about IPS/IDS (Suricata system).
We have a Suricata installation on Vmware.
This OPNSENSE has 8vCores + 8GB Ram and we have SSD do filesystem and have syslog external.
The objective is to provide a 2nd level of IPS/IDS, since the OPNSENSE has an IP that is the gateway from all virtual servers.
All services are running OK but time to time, we have strange sloness on the network, for exampla a file transfer between someone local on the LAN and the fileshare on the virtual environment are processed at Kb/s...
The method we have seen to correct this is to disable IPS mode and then enable it again..
The we achive more than 50MB/s ..
Current specs :
Versions OPNsense 21.7.8-amd64
FreeBSD 12.1-RELEASE-p22-HBSD
OpenSSL 1.1.1m 14 Dec 2021
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IPS Suricata - Strange Behavior
