 |
|
|
| > |
QUESTION POSED ON: 30 July 2007
My FreeBSD router has 2 NIC cards: one connected to the data feed from the data center, the other connected to a 24-port switch. Can I install a tool like Snort in this scenario? If so, what are some configuration challenges that I might run into?
|
|
|
To continue reading for free, register below or login
To read more you must become a member of SearchSecurity.com
|
|
BROWSE BY TAG
Network Security,
Open Source Security Tools and Applications,
Application and Platform Security,
Network Intrusion Detection (IDS),
Network Intrusion Detection and Analysis,
Enterprise Network Security,
Network Security: Tools, Products, Software,
Network Firewalls, Routers and Switches,
VIEW ALL TAGS
|
|
You can run Snort in a scenario like this, but that doesn't mean that you should. In the case you're describing, my biggest fear is that you're taking a FreeBSD server and asking it to act in three roles: a server, a router and an intrusion detection system (IDS). This is OK in a bootstrap environment, but if you're at the point where you're running a data center with 24-port switches, I wouldn't encourage it.
I'd recommend that you obtain specialized devices to fill each role on your network. It's a best practice to have a dedicated router filing the router role, and it'll be better yet if you can purchase a hardware router, rather than building one on a FreeBSD server. Similarly, you should have a separate device acting as your IDS sensor.
The reason for all of this? Minimizing complexity. A more complex networking environment increases the chances of something going wrong and makes it more difficult to troubleshoot network problems.
More information:
Check out SearchSecurity.com's Snort Intrusion Detection and Prevention Guide.
Scott Sidel gives his take on Snort as an network intrusion defense tool.
|
|
|
|
|
|
|
|
Search and Browse the Expert Answer Center
Search and browse more than 25,000 question and
answer pairs from more than 250 TechTarget industry experts.
|
|
|
|
|
|
|
|
|
|
|
|
