Menu
What's new
By:
Filters Better Search

Network Traffic Monitoring for Intrusion Detection

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

E

ericnix

Occasional Visitor
I'm currently using a Ubiquiti EdgeRouter Pro and UniFi switch on my network. I have an OpenVPN set up as well as remote access to three cameras.

I would like to monitor my network for any network intrusion from outside.

What would be the best option to do this? I've looked at pfSense running Snort. I'm not sure if that will do what I want it to do. Basically I would like everything on my network to be mirrored to the device for intrusion detection.

Any recommendations for hardware and ways to set this up?

Thanks!
 
I ended up purchasing an XG-1540 from the pfSense store that is serving as my OpenVPN server and running Snort for intrusion detection.
 
ericnix said:
I'm currently using a Ubiquiti EdgeRouter Pro and UniFi switch on my network. I have an OpenVPN set up as well as remote access to three cameras.

I would like to monitor my network for any network intrusion from outside.

What would be the best option to do this? I've looked at pfSense running Snort. I'm not sure if that will do what I want it to do. Basically I would like everything on my network to be mirrored to the device for intrusion detection.

Any recommendations for hardware and ways to set this up?

Thanks!
Click to expand...

Just hang on a bit...won't be long, Ubiquiti is looking to introduce an IPS/IDS feature. Will show up in an update.
 
ericnix said:
I ended up purchasing an XG-1540 from the pfSense store that is serving as my OpenVPN server and running Snort for intrusion detection.
Click to expand...

Yikes - that's just a bit of overkill @ $2500USD - it'll certainly do the job though for an good size medium enterprise location...

An alternate would be Netgate's SG-4860 1U $800USD if you need rack support - and this is a fairly capable box - this is also overkill for any home network...

https://www.netgate.com/products/sg-4860-1u.html

The ADI Engineering, Netgate, and pfSense boxes are all the same...

(FWIW - seems that Netgate has closed the pricing loophole - as an example, one could order Netgate 2440 from them at $349, from pfSense at $500...)

Anyways - the ADI/Netgate boxes are very well designed for the purpose at hand...
 
You must log in or register to reply here.

Similar threads

O
Router that can handle 1000Mbit Full duplex WAN-LAN
2
Replies
36
Views
2K
L&LD
L&LD
Spydawg
need help with network loop.
Replies
9
Views
417
coxhaus
C
A
Advice on using old PC as dedicated NAS for security cameras
Replies
5
Views
845
bbunge
bbunge
J
Optomizing SOHO network
Replies
10
Views
664
Joel_R
J
O
Network Overloaded with NAS + wifi? Is is possible?
Replies
2
Views
353
glens
G
Similar threads
Thread starter Title Forum Replies Date
R Unknown Hidden Network from Xbox General Network Security 3
D Network security from kids General Network Security 11
C IoT and overall network performance General Network Security 2
E Guest network isolation - what did I miss? General Network Security 0
P Threat protection / DNS filtering / Router security (on home network) General Network Security 1
Wallace_n_Gromit NordVPN--Couldn't establish a secure connection... internet traffic intercepted? General Network Security 7

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 807 (members: 20, guests: 787)
Top