Netgate 1100
-
Will snort run on the netgate 1100? I've done a clean install and select all the rules except the extra ones. When i try to start snort on the interface it just keeps loading but never completes. I've checked the logs but there are no error messages. I've waited as long as 30 minutes for it to start.
-
No, the 1100 is not powerful enough to run ALL the available Snort rules. It will run a small subset. Try enabling the IPS Policy option on the CATEGORIES tab and then choose the "Connectivity" IPS Policy. That will select a minimum but effective rule set. See if Snort starts with that limited set.
In the vast majority of commercial cases, and in EVERY home user case, using the simple "Connectivity" IPS Policy is plenty of protection. But just remember that the majority of Internet traffic is encrypted these days and Snort will be totally blind to that encrypted traffic unless you implement a MITM solution with a proxy.
-
@bmeeks
Snort started without issue with just the "Connectivity" IPS Policy selected. Thanks for the suggestion. -
@jwnazz said in Netgate 1100:
@bmeeks
Snort started without issue with just the "Connectivity" IPS Policy selected. Thanks for the suggestion.Thank you for the feedback
