IPS Functionality with separate Snort box

  • We have a snort IDS on a separate system that I'd like to use in tandem with my pfSense firewall to achieve IPS functionality.

    We tried running the snort package on the pfSense firewall, but the hardware couldn't support firewall and snort operations simultaneously. The firewall was purchased as an appliance, so I couldn't just move it to better hardware.

    I read in an old thread that the snort package used to have SnortSam functionality. Does anyone know of a way to make this work with the current snort package, or by other means?


  • Please use suricata if you are looking for an IPS, snort inline support was dropped in favor of suricata.