Intrusion Prevention System
The Cloud-Bricks system comes with SNORT preconfigured with
Community rules only.
If you want to protect your system with the most updated threat definition rules and receive support for snort, you may become a snort subscriber. Our support team will configure your SNORT system with the Subscriber Rule Set.
First time usage
In order to use the SNORBY system, some adjustments must be done
when logging in for the first time.
1- Access the SNORBY interface by navigating to Firewall ->
SNORT I.P.S in the left menu.
The default login is "email@example.com" and the default password is "snorby".
2- The SNORBY dashboard screen appears, please pay attention to the message "The Snorby worker is not currently running"
3- We need to start the Snorby Worker Process, in order to do so, please select the "Worker & Job Queue" option from the "Administration" menu:
4- In the "Worker & Job Queue" page, please select the "Start Worker" option from the "Worker Options" menu.
A green "OK" icon will confirm that the worked process has been started:
5- Now its time to configure your email, password and Time Zone:
The configuration page will appear when clicking on the "Settings" link in the upper right corner of the screen.
6- Please configure your actual email address and an easy to remember password to access the Snorby interface.
Configuring your Virtual Machine to use the IPS system
In order to actually make the Intrusion Prevention System to scan
your virtual machine network traffic, you will have to include
some "IPS Filters" in your Firewall rules.
What to do in case of attack
• Service Description
• Snort Rules
• First time usage
• What to do in case of attack