suricata install

Maher Khalil

Member
Jul 11, 2021
149
5
18
41
Hello
Do I need to enable firewall before install suricata? do firewall required for suricata to function?
 

Dunuin

Famous Member
Jun 30, 2020
7,283
1,748
149
Germany
Wouldn't it be better to use something in a VM that actually officially supports suricata and got it already tightly integrated like SecurityOnion or OPNsense?
 
Last edited:

Maher Khalil

Member
Jul 11, 2021
149
5
18
41
I cannot force my customer to install anything inside the VM machine. at the same time I need to prevent / block hackers
 

Dunuin

Famous Member
Jun 30, 2020
7,283
1,748
149
Germany
Your customer doesn't have to install anything inside a VM. I thought more of a single VM as part of the server infrastructure that you put as a gateway/firewall between the internet and all of the clients VMs.
 

Maher Khalil

Member
Jul 11, 2021
149
5
18
41
I see open sense is intrusion detection only while suricata is intrusion prevention am I right?
 

Dunuin

Famous Member
Jun 30, 2020
7,283
1,748
149
Germany
Just google for "OPNsense Proxmox tutorial" or "security onion" and you will find alot of tutorials like for example this one:
https://getlabsdone.com/how-to-install-opnsense-firewall-in-proxmox-step-by-step/

And you can configure suricata using the OPNsense webUI. There is also a checkbox to switch between intrusion detection and intrusion prevention mode. Suricata IDS as part of OPNsense is working fine here in a VM with 4GB RAM.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get your own in 60 seconds.

Buy now!