Building a Transparent Bridge Filter with OPNsense

Started by rgnldo, November 05, 2024, 03:56:52 PM

Previous topic - Next topic
Print
Go Down Pages 1 2
User actions
January 28, 2025, 09:07:52 PM #15
Quote from: EricPerl on January 28, 2025, 07:30:54 PMCrowdsec on the router is not going to be controversial.
IDS/IPS is more questionable, especially if you're blocking everything on the WAN side (why bother inspecting traffic that is going to be blocked).
Additionally, encrypted traffic can't be inspected anyway. What's left?

Sensei is facing the same issues. Sensei on a TFB behind OPN with Crowdsec and IDS/IPS looks overkill/redundant.
I've seen articles with proxies terminating SSL for inspection purposes. I have not bothered trying, but it could be better use of your HW IMO.

Thank you for the prompt reply, Eric! That's what I thought. Well, I guess I have to find now another purpose for the HW I was planning to use as a TFB :-)
Print
Go Up Pages 1 2
User actions