Guess I am going to use multiple docker files for my IDS/IPS - using microservice. Say more than 50 docker containers for it. Would you use Suricata or Snort ? Is it really important that Snort is not multithread , and does it snort weaker than Suricata??
Use Docker from dtag-dev-sev
https://github.com/dtag-dev-sec/suricata
dockerized suricata
suricata is a Network IDS, IPS and Network Security Monitoring engine.
This repository contains the necessary files to create a dockerized version of suricata.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.