Integrating a Suricata IDS/IPS
The security protection of the Proxmox VE firewall can be further enhanced by configuring an intrusion detection and prevention system such as Suricata. It is a high-performing IDS/IPS engine that is able to protect a virtual machine by rejecting traffic that are possible intrusions. Currently, Snort and Suricata are two open source main stream IDS/IPS available among a few others. One of the primary advantages of Suricata is that it is multithreaded, whereas Snort is single-threaded. Suricata is under rapid deployment and gaining popularity fast in the security community.
By default, Suricata is not installed on a Proxmox node, it needs to be manually installed and configured. As for Proxmox VE 4.1, Suricata can only be used to protect a virtual machine, not any Proxmox host nodes.
Note
Do not try to manually download the Suricata package from any other source other than the Proxmox repository and install it on the Proxmox node. It may break the system. Always...
