Snort mailing list archives
Re: INQUIRY - seeking suitable micro-appliance for snort deployment and centralized alerts console from variety of WAN deployments in residential networks
From: Jaime Nebrera <jnebrera () redborder org>
Date: Thu, 03 Jul 2014 13:14:08 +0200
Hi Chase,
> 1) Seeking pointers to a no-fuss micro-appliance and “how to” guide to host Snort on it — for deployment at family members' home networks to assess their network risks. For example, http://utilite-computer.com/web/home or some other physical form factor that does not require a whole lot of hand tuning and installing of hardware; and
That platform is probably your best pick as a bundled low-cost dual-port system. Sadly, it doesn't include LAN bypass, which is a good-to-have feature for inline deployments, and it is also ARM-based, which will make your idea of a fuss-free install much more complex.
> 2) Are there third-party cloud-centric monitoring strategies wherein those remotely provisioned snort deployments on micro-appliances (at family member home networks in various states) can be consolidated into a central console for review of security alerts and all?
If you only want to see produced events, Security Onion, Snorby, Sguil, etc. are good choices. Security Onion also provides the sensor side.
If, besides viewing events, you want the capacity to centrally manage and configure the devices, control rule workflow, etc., IMHO redBorder is a better alternative. Still, none of them are ready for "plug & play" in such a box.
If you can get traffic to a span port or similar, your cheapest choice would be some Raspberry Pi based alternative.
For x86-based alternatives, with a single port the Intel NUC is a great choice. Dual port is more complex; you will probably need to go for specialized suppliers like Lanner, Portwell, Nexcom and such, or use the small barebone from Supermicro, but all of them are orders of magnitude more expensive than the Utilite.
Regards