Implementing VyOS for IT/OT separation or convergence

Hi Team,

Being from a security background, I was wondering if VyOS can be used to protect an IT/OT environment? I understand it's a pure router and does not have the intelligence to understand SCADA/HMI/ICS protocols, but I'm wondering if we could integrate Suricata or Snort IPS and have it understand the flow?

What say? Or has anyone already done it? If so, I would really appreciate it if they can share their experiences.

You cant install Suricata in a container on VyOS.

@blason I’m not familiar with OT network protocols, however, if you’re simply looking for network segmentation to get started, you’d likely find the Firewall Zones feature quite powerful and intuitive.

Regarding Suricata/Snort, as @echowings noted, installing those functions in a Container is an option, assuming you’re on sufficiently capable hardware.

Some searching brings up this blog post about setting up a VyOS router with a Suricata container. Chances are good that some syntax might have changed since that post was created; however, probably the main principles remain. I do need to add the disclaimer that I don’t have personal experience creating Suricata containers myself (though I’ve researched it in the past).

