[Snort-users] Central Server
Eric J. Taylor
ETaylor at ...17679...
Thu Nov 17 00:08:04 EST 2016
Hope all is well with everyone. New to sort and the ids/ips world, but looking forward to have more secure network(s).
I hope this is a easy answer to my question today. Been reading through the docs, and I see no mention about having a central server for multiple loctions. The locations are not joined in any fashion, as in seperate companies all together. If I was put a central snort box and connect the firewalls (mostly mikrotik) to the central server, is there any special gotchas or considerartions I need to review? I also don't know how much traffic is really sent over the WAN for analisis either. As a couple of sites use the same subnet schema, I will have to consider some changes at the locations to support IPSec from remote site to central server; if IPSec between locations is recommended.
And please, if I am over looking this part in the documents please point me to it as I don't see it currently.
Thanks in advance for your time and helpfulness as I try to figure this puzzle out.
P.S. Any grammar or humorous statements is courtesy of Android.
Owner | Veterinary IT Support Specialist
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-users