[Oisf-users] IPS alternatives to Snort's guardian?

John Devine john.devine at nuspire.com
Wed Jan 27 20:10:29 UTC 2016


Hi all,

Currently I run Snort as an IDS and guardian as an IPS. I am looking for alternatives to guardian for IPS software because guardian does not allow me to manually unblock specific IP addresses or change the duration for which something is blocked without some hassle or custom scripts. I have been messing around with Suricata and have successfully got it running in both IDS and IPS mode and alerting successfully. Right now I want to run Suricata as an IDS and have some other open source software run as my IPS. Are there any decent alternatives to guardian.pl which allow me to manually unblock specific IP addresses and change the length of time for which something is blocked? I am looking for a good IPS 'companion' to run in tandem with Suricata.

Thanks in advance