Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Question: Firewall with default block and IDS/IPS
« previous
next »
Print
Pages: [
1
]
Author
Topic: Question: Firewall with default block and IDS/IPS (Read 958 times)
ArminF
Full Member
Posts: 205
Karma: 11
Question: Firewall with default block and IDS/IPS
«
on:
September 30, 2020, 12:31:14 pm »
Hey there,
since a few days i cannot get this out of my mind. Maybe i miss something. But i would like to read your opinions.
Very curious to your answers.
So here is the question:
When a firewall (internet to WAN Nic) is set to default block all does it make sense to activate IDS/IPS on that interface? I mean there is absolutely nothing exposed through this NIC which would be reachable from the internet.
So my assumption is that all is blocked. Anything. Any port any protocol any action from internet to this dedicated interfae. How could an attack happen then? Would IDS/IPS then be needed?
I am not talking about connections from LAN/DMZ to the internet through WAN. All connections there are made internally to the outside and stateful keeps the channel as long the communication takes open.
What do you think?
thanks
A
Logged
English: Never try, never know!
Deutsch: Unversucht ist Unerfahren!
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Question: Firewall with default block and IDS/IPS
