Suricata and Sensei

Started by SuperMiguel, November 16, 2021, 02:48:53 PM

I'm currently only using Sensei on my LAN side. The only open port I have on the WAN side is for WireGuard. Does it make sense to run Suricata on the WAN side?

I run my firewall this way, I have a lot of hardware to spare so it doesn't affect my performance noticeably. I only have OpenVPN exposed currently, but I do host game servers in my DMZ from time to time, so it was a necessity for me. Remember any open port is an attack vector. So you'll need to decide if you have hardware that can handle the added load of Suricata and Sensei without affecting performance. If you can implement it without hurting performance, and have the time to set it up and tune it, I'd say go for it. Security is about layering solutions so it would always be a positive improvement on the security front.