Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Which ports to monitor with IPS ?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Which ports to monitor with IPS ? (Read 1708 times)
hushcoden
Hero Member
Posts: 544
Karma: 23
Which ports to monitor with IPS ?
«
on:
May 24, 2020, 12:16:35 pm »
I did search quite a lot but I couldn't find a definite answer: I've enabled IDS + IPS and I'm still not sure whether or not I should also monitor the WAN port or just LAN...
By searching about the subject, I did find who was saying yes and others saying that it would make no sense as the firewall will drop bad packets anyway...
I was hoping to get a definite answer from any of the security experts of the forum...
Tia.
«
Last Edit: May 24, 2020, 12:18:10 pm by hushcoden
»
Logged
binaryanomaly
Full Member
Posts: 163
Karma: 9
Re: Which ports to monitor with IPS ?
«
Reply #1 on:
May 24, 2020, 12:53:40 pm »
That depends on what you want to protect against.
1. Attacks from evil outsiders?
2. Constrain compromised clients/malware?
Following the logic that you may want to drop an unwanted packet the earliest possible it's both interfaces if you consider 1 and 2 valid scenarios.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
Which ports to monitor with IPS ?