New in Version 9.0.0, Release Date: March 2016
1. All-new IDS engine: Suricata 3.0.0 replaces 2.8 used in release 8.x.
Suricata version 3.0.0 speeds up packet inspection by as much as 2 times compared with previous versions.
2. Much improved way to establish a baseline for deploying organization-specific rules.
You no longer have to guess what to protect against. Tuning rules is much quicker.
Visit the Learn tab by selecting Sensors and viewing a sensor, then follow the guidelines.
3. Search for specific rules. Helps find and enable/disable a group of organization-specific rules
that may be spread across rule groups or classifications.
4. Many new options for searching the assets database.
5. Additional options in reports. New view reporting. Simply click Reports on the main dashboard
and check the boxes as required.
6. Ability to add/edit auto-discovered applications. Helps secure the right assets with appropriate levels of alert management.
Select a particular asset from the assets screen, click view on a discovered port/application, and edit (screen as below).
7. Increased number of interfaces supported in IDS mode. You can monitor 5 segments with a single device,
as opposed to 2 in previous releases.
8. Support for tagged packets... overspill of logged data now appears in Unknown.
9. Ability to upload a local list of blocked/allowed MAC addresses. MAC-based asset access control requires an in-action reload of rule files
and as such must be used in proper fail-safe setups.