Use Cases

What do you want to achieve with a NIDS platform in your network?

BASIC

  • Monitor a single server's traffic
  • Monitor traffic from one or multiple network segments using a SPAN/Mirror Port

ADVANCED

  • I have some remote/cloud servers but I can’t use SPAN/Mirror facilities and I need to monitor the servers’ traffic
  • Transport traffic from remote servers in a cloud environment for analysis, storage and forensics
  • We have a hybrid cloud (AWS, Google Cloud, Azure) and on-premises environment and need centralized NIDS management and a security view

INTEGRATE WITH WAZUH

This will help you:

  • Just send default Suricata alerts to Wazuh-ELK
  • Unify Suricata and Zeek outputs, send them to Wazuh-ELK and visualize them with some cool dashboards