We've been requested to implement an IDS/IPS on our network. We currently use pfSense running on a SG-5100 appliance (Intel Atom 2.2 GHz 4-Core) and I'd like to run Snort to tick the IDS/IPS box. Our WANs are a 1 Gbps fiber connection + 500 Mbps fiber connection. We also run 4 to 5 VPN connections (OpenVPN) to individual laptops. No other packages.
My question is: will I be able to run Snort on the pfSense machine and still get Gb throughput?
Would I be better off adding a dedicated Snort box between the LAN side of the pfSense and my network?
Thanks