elyrodriguez
asked on
Snort deployment
Hello, I am currently planning on deploying snort. I have ISA 2004 as my firewall with 2 network cards filtering traffic. I was thinking installing snort on that box or maybe installing Windows 2003 as a virtual server on that box and installing snort on the virtual server to be safe.
What are the best practices on installing these types of analyzer programs? on boxes with 2 network cards or can it be just one NIC?
Oh, are there any differences between snort for linux and snort for windows security wise? I have heard that linux is much secure than windows many times and wanted to know which platform is trusted more at the enterprise level. thanks for the help.
What are the best practices on installing these types of analyzer programs? on boxes with 2 network cards or can it be just one NIC?
Oh, are there any differences between snort for linux and snort for windows security wise? I have heard that linux is much secure than windows many times and wanted to know which platform is trusted more at the enterprise level. thanks for the help.
ASKER
Ok thanks for the info. I do understand that snort is not an operating system. I am talking about the versions of snort that exist for linux and for windows called winsnort. I was asking about the differences between those versions of snort on those respective OS platforms.
I was also asking about the deployment. I am currently supporting ISA 2004 on top of Win 2003 with 2 nework cards and I was wondering if its viable to install a virtual server(win 2003) on that box with 2 NICS to run snort on OR can snort be installed on a box with only 1 NIC.
I am now downloading smoothwall. I will check it out. Thanks again for the info.
I was also asking about the deployment. I am currently supporting ISA 2004 on top of Win 2003 with 2 nework cards and I was wondering if its viable to install a virtual server(win 2003) on that box with 2 NICS to run snort on OR can snort be installed on a box with only 1 NIC.
I am now downloading smoothwall. I will check it out. Thanks again for the info.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Snort is a utility you install on Linux its not an operating system, I would strongly recommend you have a look at smoothwall
its and excellent pieace of software.
http://www.smoothwall.org/
Heres what is said about smoothwall:
SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Linux is the ideal choice for security systems; it is well proven, secure, highly configurable and freely††† available as open source code. SmoothWall includes a hardened subset of the GNU/Linux operating system, so there is no separate OS to install. Designed for ease of use, SmoothWall is configured via a web-based GUI, and requires absolutely no knowledge of Linux to install or use.