Hello, can anyone guide me on my questions:
I want to install L7 iptables on my Linux that is used as a firewall for my internal network composed of some 200 computers. For my IDS, I plan to use Snort. These are my questions:
- Can I install Snort on the same Linux that I use as my firewall, or do I have to install it on a different PC?
- Do I need to make use of L7 iptables while I implement Snort?
- Shall I use Snort as IDS or IDPS?
- Where is the best place to install Snort, inside or outside the firewall?
- Do I need to have a separate professional proxy installed on the Linux, or is the L7 proxy sufficient?
- What would be the minimum hardware resources that Snort requires (CPU, RAM, ...)?
- For better security and performance, do I need to replace my present Linux with a PIX or any other hardware firewall?