Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Do I need Suricata IDS running if using Zenarmor (Sensei)
« previous
next »
Print
Pages: [
1
]
Author
Topic: Do I need Suricata IDS running if using Zenarmor (Sensei) (Read 4629 times)
walkerx
Full Member
Posts: 103
Karma: 4
Do I need Suricata IDS running if using Zenarmor (Sensei)
«
on:
June 24, 2022, 03:45:31 pm »
Hi,
I've now got Sensei (free version) fully working on my setup and wondered if I still need to use Suricata at the same time?
Regards
Logged
almodovaris
Sr. Member
Posts: 318
Karma: 15
Re: Do I need Suricata IDS running if using Zenarmor (Sensei)
«
Reply #1 on:
June 25, 2022, 10:58:18 pm »
Zenarmor is no IDS.
And you only need Suricata if you open ports to the world.
Logged
OPNsense HW:
Minisforum Venus series UN100C, 16 GB RAM, 512 GB SSD
T-bao N9N Pro, 16 GB RAM, 512 GB SSD
Vilhonator
Full Member
Posts: 245
Karma: 13
Re: Do I need Suricata IDS running if using Zenarmor (Sensei)
«
Reply #2 on:
July 01, 2022, 07:12:11 am »
Short answer is no.
Surricata or any IDS/IPS doesn't protect your network any better than regular protection software, they just add 1 layer of extra security or block VPNs, proxies and access to certain websites (like facebook, google, youtube, netflix etc.) depending on what rules and policies you use.
IDS/IPS systems are more of a thing on corporate and SOHO networks, where network manager would for example block programmer team from accessing Facebook but allow that access for social media team.
Added security they bring would come in a form of having system alert when someone is accessing their network from unknown source and prevent known exploits which could potentially lead to data leaks.
Just like any antivirus program has some false positives and won't detect everything, same goes for Surricata and Zenarmor or any IDS/IPS systems, only thing they are like 90% of the time able to block, is access to known websites good or bad.
Logged
Vilhonator
Full Member
Posts: 245
Karma: 13
Re: Do I need Suricata IDS running if using Zenarmor (Sensei)
«
Reply #3 on:
July 01, 2022, 07:42:47 am »
In short.
Unless you won't be able to just wipe your hard drive and re-install operating system when your PC gets infected by ransomware due to having data which
YOU ABSOLUTELY CAN'T LOOSE
because
YOU DO NOT OWN IT
and it is confidential like customers credit card information, social security numbers, phone numbers, home addresses etc. then you have no reason to use IDS/IPS other than wanting to use one.
Best security practice that private individuals can do are:
Backup everything you do not want to loose or is important and hard to recover
Do not click on links which are sent via mail or sms nor answer them, unless you are 10000000000000% sure it is safe.
Do not share any information about yourself and others in social media without thinking through and asking if it is ok to share that information.
Nowadays social media is biggest threat people can face. Sharing photos and all is nice, but that's also information that people are able to exploit.
For example my ex used to share his traveling plans 1 year ahead in which he told exact dates when he goes and comes back, that is untill his house was broken into and they shot his dog as well as stole anything worth stealing
I bet even you can imagine, how things can get nasty, when someone just tells their friends number to anyone who just asks nicely, without asking "now why should I tell my friends number to this person? Maybe there is a reason why (s)he doesn't know it, and maybe I should ask my friend first if it is ok"
I don't know if you remember or even heard, but couple years ago there was school bombing in Russia, after that they did security check. Out of 20 secret service agents disguised as blantantly obvious terrorists who tried to smuggle explosives to the country, 19 were able to bribe cops and border guards.
Social engineering is thing that people don't really consider, when they think about privacy. But all it really takes, is trusting wrong person, being careless or placing trust on things like automated systems, that's something no IPS/IDS is able to protect against
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Zenarmor (Sensei)
»
Do I need Suricata IDS running if using Zenarmor (Sensei)