asked on

installing snortsam on my Snort IDS machine

I currently have snort installed on my network as an IDS. I need to figure out how to turn this IDS into an IPS. I am looking into snortsam for this. I don't want to use snort inline because I can't restructure my network. I like snortsam because it works as an application from what I reading. I was on snortsam's website and saw it was compatible with the Cisco Pix, but it didn't say anything about the ASA. I have a Cisco ASA5520. Does snortsam work with the Cisco ASA? Anyone with snortsam experience, do you like the performance of snortsam? Can you point me in a direction of some clear directions to get snortsam to work. I would like to install snortsam on the same machine as snort. I am using ubuntu 10.04. Thanks.

ASKER CERTIFIED SOLUTION

Rich Rumble

membership

This solution is only available to members.

To access this solution, you must be a member of Experts Exchange.

Start Free Trial

denver218

ASKER

Thanks. We host a few applications for some of our customers in a datacenter. Like I said, I do have a Cisco ASA in place right now for Security, VPNs, etc, but I've been tasked with implementing an IPS solution as well. I have $0 for my budget so plan plan is to install snortsam on my existing Snort IDS server. My biggest concern is traffic being blocked that shouldn't be blocked. Can you further explain how snortsam works in conjunction with the ASA. Thanks.

SOLUTION