how exactly does IDS/IPS work on zenarmor
Hello,
How exactly does IDS/IPS work on zenarmor? On the WAN interface I have Suricata and on the LAN interfaces I have zenarmor and I would like to know at what level IDS and IPS work in Zenarmor. Could someone explain this? Does it detect hacking methods using known vulnerabilities such as XDR tools?
-
Official comment
Hi,
Zenarmor currently offers a Synflood detection feature. It monitors the Syncache for anomalies and generates notifications if an attack is detected. In the Policy - Security section, Zenarmor provides security categories that can block traffic. If a request is made to a site categorized under a security threat, Zenarmor can block the traffic accordingly. We plan to introduce additional IDS/IPS features by 2026.
For users of Zenarmor on OPNsense, it's important to note that OPNsense also has its own IDS/IPS tool, which can be configured separately.
Best regards
Salih
Comment actions
Please sign in to leave a comment.
Comments
1 comment