Snort in Transparent Bridge Mode

  • Greetings.  I work in a heavy Cisco shop that is in need of an IDS solution.  The Cisco solution is quite expensive and I believe that it can be accomplished with PFSense using the Snort package.

    I run PFSense at home and love it.  Works like a champ with everything that I want it to accomplish.

    My question is this:  Am I able to load Snort in transparent bridging mode and run it on the link between my firewall and my LAN?  And have the rules work?

    Thanks in advance.

Log in to reply