[Oisf-users] Place to install Suricata
Jay M.
jskier at gmail.com
Thu May 14 14:19:13 UTC 2015
It runs great on a VM, and with rspan or a tap passed-thru. I have a
request in for erspan (some of the newer Cisco switches use this
instead). The specs you need depend on the volume of traffic and the
features of suricata you wish to use - relatively simple trial and
error with specs worked well for me. All my instances now are VMs, and
there haven't been any bugs I've had to report specific to this
environment, other than those that impact all environment
installations of suricata.
--
Jay
jskier at gmail.com
On Thu, May 14, 2015 at 3:06 AM, Minh Trung <mvtrung27 at gmail.com> wrote:
> Hi experts,
>
> My network as below:
>
>
> Internet line
> |
> |
> Router
> |
> |
> Switch(Cisco 2960)
> |
> |
> VPN 1 line <------+--------- Firewalls(Fortinet) -------+-------->
> VPN 2 line
> |
> |
> Core switches
> | |
> | |
> LAN VMware system(ESX)
>
>
> Is this possible to place Suricata on vmware ? which spec i need to
> configuration for this machine? I want to capture all from Internet line,
> how to
> configuration Suricata to listen everything on Router, how configuration
> router look like?
> Any help is appreciated,
>
> Regards,
>
> _______________________________________________
> Suricata IDS Users mailing list: oisf-users at openinfosecfoundation.org
> Site: http://suricata-ids.org | Support: http://suricata-ids.org/support/
> List: https://lists.openinfosecfoundation.org/mailman/listinfo/oisf-users
> Suricata User Conference November 4 & 5 in Barcelona: http://oisfevents.net
More information about the Oisf-users
mailing list