Snort in Transparent Bridge Mode
-
Greetings. I work in a heavy Cisco shop that is in need of an IDS solution. The Cisco solution is quite expensive and I believe that it can be accomplished with PFSense using the Snort package.
I run PFSense at home and love it. Works like a champ with everything that I want it to accomplish.
My question is this: Am I able to load Snort in transparent bridging mode and run it on the link between my firewall and my LAN? And have the rules work?
Thanks in advance.