Metadata
- Source
- INFRA-96
- Type
- Task
- Priority
- Major
- Status
- Resolved
- Resolution
- Done
- Assignee
- Giovanni Tirloni
- Reporter
- Giovanni Tirloni
- Created
2017-11-10T11:39:00.952-0500 - Updated
2017-11-10T11:39:57.378-0500 - Versions
- N/A
- Fixed Versions
- N/A
- Component
- N/A
Description
Implement some kind of intrusion detection system on our firewall (snort, suricata, etc.)
Comments
-
Giovanni Tirloni commented
2017-11-10T11:39:57.376-0500 Snort enabled on the pfSense firewall.
Logs are sent to the central log servers (i-0001/0002 currently, /var/log/hosts/gateway) and monitoring/alerting of those entries should be implemented separately in the future.