EDIT: Just realized I had "Dell" when I meant "HP." Dell T730 is a rack-mount server.
Hey guys... a bit torn between two Courses of Action here. Looking for some insights.
COA 1:
==WAN==ASUS1+Skynet & Diversion===ASUS2 (Routing) + Suricata===LAN/WLAN
COA 2:
==WAN==HP T730 w/ pfSense === ASUS+Skynet & Diversion (Routing) ===LAN/WLAN
COA 3:
==WAN==ASUS1+Skynet & Diversion === HP T730 w/ pfSense == ASUS2 (Routing) == LAN/WLAN
Pros of COA 1:
* Less monitoring of Suricata required because Skynet is doing a lot of pre-filtering
* Cheapest: I already have two Asus routers
Cons of COA 1:
* AC3100 less capable than T730 (or T620+, for that matter); may not be able to keep up with heavy packet inspection
Pros of COA 2:
* More secure than COA 1
* Skynet might not have much to do
* HP can also pick up the VPN server duties
Cons of COA 2:
* Suricata gonna be a lot busier without Skynet filtering; probably more results to sort through
Pros of COA 3:
* Skynet & Diversion pre-filter for Suricata, reducing load
* No more expensive than COA 2
* HP can also pick up the VPN server duties
Cons of COA 3:
* Most complex; need to deal with three devices
* Most power consumption
Thoughts here? I have a strong affinity for Skynet and recommend it to everyone in the breath following "get an Asus router" but I also love the idea of heuristic filtering and more extensive logging in Suricata... and a separate box with 4-8GB of RAM & a 1.6GHz/dual-core CPU has a lot more ooomph than the AC-3100 w/ 2x 1.4GHz & 512MB.
I NEEEEDS TEH SECURITEHHS