====== PFSense - Suricata - About Suricata ======

Suricata is an engine for...

  * Network Intrusion Detection
  * Network Intrusion Prevention
  * Network Security Monitoring

==== IDS (Intrusion Detection System) ====

  * Passive
  * Out of line
  * On tap or span port

==== IPS (Intrusion Prevention System) ====

  * Active
  * Inline
  * Router or bridge

==== NSM (Network Security Monitoring) ====

  * Not ‘just’ generating alerts, but also informational events like HTTP requests, TLS transfers, etc
  * Full Packet Capture (FPC) for being able to dig deep into traffic if necessary
  * Produces LOTS of data

----

===== References =====

https://forum.netgate.com/topic/136729/suricata-cannot-change-home-net-list/9