Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Zenarmor, Suricata, ClamAV: some or all?
« previous
next »
Print
Pages: [
1
]
Author
Topic: Zenarmor, Suricata, ClamAV: some or all? (Read 1315 times)
jphilebiz
Newbie
Posts: 4
Karma: 0
Zenarmor, Suricata, ClamAV: some or all?
«
on:
February 22, 2023, 01:48:05 pm »
Hi everybody,
New to the OPNSense platform and so far am really liking it, I came over from Untangle. Digging into the optional packages I ran into Zenarmor and am intrigued to see if it's worth it as it's for a home network (but only the paranoid survive!
) running OPNSense on a box with a N5105 & 16GB Ram (
https://www.aliexpress.com/item/1005004950894114.html
).
Right now I have Suricata and ClamAV running, and have a few questions with Zenarmor:
At this point is ClamAV still useful?
Will this overtax the box? Probably not but I do have a wife approval factor to manage
Is Suricata still useful if you turn on Zenarmor?
I read that you use Suricata on the WAN interface, Zen on the LAN so at least that's that for the config part.
Thanks for your input!
Logged
NoneRain
Newbie
Posts: 1
Karma: 0
Re: Zenarmor, Suricata, ClamAV: some or all?
«
Reply #1 on:
February 23, 2023, 01:32:59 pm »
For home usage, Zenarmor is enough.
Some may be mad, but ClamAV is a low tier solution. I wouldn't rely on it.
Suricata is an IPS/IDS. Enabling ET rules is great, but to properly function as an IDS, you will need to work with rules and actively analyze logs.
If you have remote stuff, open ports, etc, use it, otherwise, Zenarmor is good enough.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Zenarmor, Suricata, ClamAV: some or all?