Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IDS/IPS on seperate hardware from router
« previous
next »
Print
Pages: [
1
]
Author
Topic: IDS/IPS on seperate hardware from router (Read 2445 times)
mni
Newbie
Posts: 1
Karma: 0
IDS/IPS on seperate hardware from router
«
on:
March 10, 2021, 06:52:31 pm »
Hello, total beginner with OPNsense. Just ordered an APU2 board with 3 NICs for my home network, 250/250.
Would like to set up OPNsense and preferably some IDS/IPS to learn network security/monitoring. From what I understand the APU2 board has not enough CPU power do to real time traffic analysis. I have a Proxmox server running with a comet lake intel i5. Is it possible to offload the network analysis to my server somehow?
Logged
banym
Sr. Member
Posts: 468
Karma: 31
Free Human Being, FreeBSD, Linux and Mac nerd
Re: IDS/IPS on seperate hardware from router
«
Reply #1 on:
March 10, 2021, 10:41:49 pm »
Maybe you have a switch with mirror port functionality
Logged
Twitter: banym
Mastodon: banym@bsd.network
Blog:
https://www.banym.de
Tempora
Newbie
Posts: 4
Karma: 1
Re: IDS/IPS on seperate hardware from router
«
Reply #2 on:
March 26, 2021, 01:01:14 am »
I used to run a APU2C4 board - It ran Suricata just fine but took some tweaking and careful rule selection.
As above, you'd want to configure a port mirror (aka SPAN). Then you can use something like an all one package such as SecurityOnion.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Intrusion Detection and Prevention
»
IDS/IPS on seperate hardware from router
