Use Cases
What do you want to achieve with a NIDS platform in your network?
BASIC
- Monitor a single server's traffic
- Monitor traffic from one or multiple network segments using a SPAN/Mirror Port
ADVANCED
- I have some remote/cloud servers but I can’t use SPAN/Mirror facilities and I need to monitor the servers’ traffic
- Transport traffic from remote servers in a cloud environment for analysis, storage and forensics
- We have a hybrid cloud (AWS, Google Cloud, Azure) and on-premises environment and need centralized NIDS management and a security view
INTEGRATE WITH WAZUH
This will help you:
- Just send default Suricata alerts to Wazuh-ELK
- Unify Suricata and Zeek outputs, send them to Wazuh-ELK and visualize them with a cool dashboard