Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Snort vs Suricata vs Both

    Scheduled Pinned Locked Moved General pfSense Questions
    1 Posts 1 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JohnSCarter
      last edited by

      So I am wondering (although none seem to be working right now) what IPS I should go with. I currently have OpenVPN setup which is absorbing all traffic and the machine is a basic office-level computer.

      Due to the multi-threading and layer 7 protocols that can be used in the rules (compared to snort) it seems that Suricata is the best option however I've just watched another video now that says because of OpenAppID that Snort is the best now.

      What would be the best for security and how much performance degradation would I suffer if I implemented both at the same time (if that's even possible).

      PS:
      Also if anyone can help with a problem that I'm currently having with setting up either Snort or Suricata than please do, any help is appreciated.
      https://forum.pfsense.org/index.php?topic=145386.0

      Network security & monitoring enthusiast

      1 Reply Last reply Reply Quote 0
      • First post
        Last post
      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.