Suricata IDS/IPS/NSM - Suricata is a high-performance Intrusion Detection and Prevention System and Network Security Monitoring engine.
It is open source and owned by a community-run non-profit foundation, the Open Information Security Foundation (OISF). Suricata is developed by the OISF, its supporting vendors and the community.
The engine supports:
- Multi-Threading - provides for extremely fast and flexible operation on multicore systems.
- Multi Tenancy
- File Extraction, MD5 matching - over 4000 file types recognized and extracted from live traffic.
- TLS/SSL certificate matching/logging
- IEEE 802.1ad (QinQ) and IEEE 802.1Q (VLAN) support
- All JSON output/logging capability
- NSM runmode
- Automatic Protocol Detection (IPv4/6, TCP, UDP, ICMP, HTTP, TLS, FTP, SMB, DNS)
- Gzip Decompression
- Fast IP Matching
- Hardware acceleration on CUDA GPU cards
- Lua scripting
and many more great features.