VMware Cloud Community
comeback1106
Contributor
Contributor

How to Connect vShield to Snort to create IPS for vCloud

Hi you.

I want create a IDS/IPS for vCloud Director with vShield and Snort but I don't now how to connect between that. Anyone have any idea for that. Thanks for help me.

2 Replies
mahzad67
Contributor
Contributor

I have another question in this subject.

it is possible installing snort inside vShield edge?

Reply
0 Kudos
admin
Immortal
Immortal

Hi,

Although it’s not possible to install SNORT inside vShield Edge or App, you CAN use the vShield API to configure vShield rules based on events detected by an IDS/IPS. SourceFire did this a few years back with their virtual IPS product (https://community.sourcefire.com/questions/does-your-virtual-ips-interact-with-vmware-s-vshield). I’m not sure what the status of their integration is now, considering that SourceFire has been acquired by Cisco. But, nevertheless, the vShield API is available for other systems to integrate/communicate with vShield/vCNS.

You can find the vShield API Programming Guide here: http://www.vmware.com/pdf/vshield_51_api.pdf

Hope this helps….