Kudos to @LTS_Tom for the good work on pfSense, networking and security. Your videos have really we the start ups.
Well, after viewing the videos on how IDS/IPS systems like Suricata cannot catch threats in packets of encrypted/secured traffic transmitted in the network, what can one do to mitigate such threats? Otherwise, what is the need of setting up Suricata and signing up for the premium rulesets to be used by it, when nowadays all network traffic is secured, especially HTTPS traffic?
Is there a solution to this? Can someone help out? Thanks.
But Tom, traffic to and from endpoints is now, or mostly, encrypted and in HTTPS, unless I do not get what you are trying to say. Can you throw more light, please?
Oh OK, I now get you. So what about protection of the edge box (pfSense)? Which package can help protect against these threats, transmitted in encrypted traffic, coming to the inside network?
Thanks @BuckeyeNet and @LTS_Tom. So does it mean that, as we speak, there is no preventive IDS/IPS package for pfSense as an edge device that can decipher encrypted traffic coming into the network?
Technically, you could install signed certificates in each endpoint device and in pfSense that would allow visibility into some connections that are using TLS below version 1.3, but as more sites move to that, you lose visibility.