AI integration for OPNsense

Started by cdsane, Today at 12:34:38 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
Today at 12:34:38 PM
Hello all is OPNsense considering deploying AI into its software for proper network and security checks and analysis ??? I think it will be a fine addition to this firewall
Today at 12:49:31 PM #1
So called "AI" and "proper network and security checks" are a contradiction.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
Today at 01:04:32 PM #2
sounds like a terrible idea
DEC740 > USW-Pro-8-PoE> U6-Enterprise
Dec670. Retired / backup device
Today at 04:10:28 PM #3
Quote from: Patrick M. Hausen on Today at 12:49:31 PMSo called "AI" and "proper network and security checks" are a contradiction.
Quote from: DEC740airp414user on Today at 01:04:32 PMsounds like a terrible idea
Agree with the above! :)



#SayNOtoMachineLearningChatBots!
Weird guy who likes everything Linux and *BSD on PC/Laptop/Tablet/Mobile and funny little ARM based boards :)
Today at 08:36:51 PM #4 Last Edit: Today at 09:21:53 PM by drosophila
Three question marks, what seems like puked-out grammar that lacks any effort, and a broad and unspecific question, all reeks of a spammer/bot, but the OP has at least a little posting history so I assume they wrote this in good faith instead of just spam or parroting buzzwords.

As such: it might be possible to have an AI-based rule analyzer that could possibly spot common mistakes and omissions. However, their results must be treated with care, just like if you'd manually fish random rule snippets off the internet. Maybe that could be worthwhile, but spending this much effort and likely fees on something so minor... nah. But since firewall rules are in the end generic, this sort of tool could be developed independently by the OP and work on the exported rule sets from all (Free)BSD-based firewalls, and a second version for Linux based ones. That could then be integrated as a community plugin if it proves to be helpful.

If this is what you have in mind: give it a go and see what it can do!

AI things are good at pattern recognition, so this would also be something for intrusion detection / prevention system makers to consider. But in that case the AI would have to run on the Firewall machine, given contemporary technology that'd be hard or need to be done like these voice-assistants using some external provider, nothing I would want to touch. Core OPNsense wouldn't benefit from this, except for the mentioned hypothetical analyzer. An AI-based rule generator wouldn't be worth it because AI-generated stuff is full of BS. It's fine for creating jokes and maybe translations, but most definitely not for anything even remotely security-related.

Possibly in some decades after the AI things have learnt to actually know what they're doing, if they ever will. Currently, "made with AI" is a stigma, not a badge of honor and definitely not a sign of quality, except in very specific cases.
Print
Go Up Pages1
User actions