[Oisf-users] Analysis of SSL-decrpyted traffic

Cooper F. Nelson cnelson at ucsd.edu
Wed Feb 26 21:12:09 UTC 2020

Oh ok, I've never done a deployment like that so I'm not sure how that 
would work.

Personally I would run two separate suricata processes, one per interface.


On 2/26/2020 2:30 AM, Federico Foschini wrote:
> However I did some testing and it looks like that if I’m only sniffing 
> from the firewall interface everything is working fine. The issue 
> starts when I’m sniffing both from the mirror port on the switch and 
> on the firewall with this configuration:

Cooper Nelson
Network Security Analyst
UCSD ITS Security Team
cnelson at ucsd.edu x41042

More information about the Oisf-users mailing list