Network Design

(Richard Laing) #1

Hi there, I am testing ELK for my current company. So far I like the features and have the logs shipping back into Elasticsearch correctly. My main question is how best to deploy a LAN ELK stack with some hosts in the cloud without compromising the security offered by the firewall.

The ingest node should sit inside a DMZ; however, good practice is not to have anything inside a DMZ that can connect to the local network. How can this issue be mitigated?

(Richard Laing) #2

After doing some more reading, does anyone know if Elasticsearch has patterns to detect attackers logged in Snort or an IPS?
