Chapter 15: Network Intrusion (Detection and Prevention) Systems

In this chapter, we will explore the concepts behind the Intrusion Detection System (IDS) and the Intrusion Prevention System (IPS) to understand how they work. This will help us use them to implement a good network perimeter defense. We will explore how OPNsense employs Suricata and combines it with Netmap to implement an outstanding open source IDS and IPS solution. By the end of this chapter, you will know how to use an IDS/IPS solution to monitor and block traffic using OPNsense.

In this chapter, we will cover the following topics:

  • IDS and IPS definition
  • Suricata and Netmap
  • Rulesets
  • Configuration
  • SSL fingerprint
  • Troubleshooting

Technical requirements

Good TCP/IP networking knowledge ...
