Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Suricata

    Scheduled Pinned Locked Moved pfSense Packages
    3 Posts 3 Posters 1.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      ghkrauss
      last edited by

      How frequently is the open source (free) rule set updated? Additionally, the paid suricata subscription is so expense ($500.00); are there discounts or low cast alternatives?

      Thank you for any assistance.

      G. H. Krauss

      1 Reply Last reply Reply Quote 0
      • BBcan177B
        BBcan177 Moderator
        last edited by

        I would recommend the ET Paid version.. It is updated more frequently… Not all of the Rules end up in the Open Ruleset either.. Also this is not just for Suricata, its also the same rulesets for Snort.

        Here is a link to the daily update for ET.
        http://emergingthreats.net/daily-ruleset-update-summary-20150107/

        "Experience is something you don't get until just after you need it."

        Website: http://pfBlockerNG.com
        Twitter: @BBcan177  #pfBlockerNG
        Reddit: https://www.reddit.com/r/pfBlockerNG/new/

        1 Reply Last reply Reply Quote 0
        • bmeeksB
          bmeeks
          last edited by

          Currently Emerging Threats offers no lower cost versions that I am aware of (excepting the free Open Source version you mentioned).

          You can use the Snort VRT rules with Suricata, but there are around 700 of those rules (if I remember the count correctly) that will not load because they contain keywords Suricata does not recognize.  They won't break Suricata, but any protection afforded by the non-loading rules will of course be sacrificed.

          Snort VRT does offer a home-use annual subscription for their latest rules.  It is $29.99 USD per year.  That's certainly cheaper than $500 USD per year.

          Many folks use a combination of the ET-Open free rules and a paid Snort VRT subscription.  Of course if you are a commercial enterprise, $500 per year is generally not considered an excessive expense for cyber security protection.

          Bill

          1 Reply Last reply Reply Quote 1
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.