F2F and CrowdSec
- Thread starter KAI
- Start date
Hi,
Not yet, but we have in our roadmap adding new features to the FWCloud-Agent that will allow a better integration with Fail2Ban and CrowdSec.
For example, we have an issue for allow that from the user interface you can query the list of IPs in the CrowdSec blacklist set.
Another thing that we have in mind is that FWCloud-Agent uses the CrowdSec API for blocked IPs update from different sources. For example, imagine that you have FWCloud-Agent installed in your perimetral firewall cluster, and CrowdSec installed in all your servers (web, smtp, NextCloud, etc.). FWCloud-Agent could get the list of blocked IPs from each one of these servers and add them to the block list set of the perimetral firewalls, this way you will be able to block access from these malicious IPs in your perimetral firewall.
I hope that this answer your question, if not, let me know.
Not yet, but we have in our roadmap adding new features to the FWCloud-Agent that will allow a better integration with Fail2Ban and CrowdSec.
For example, we have an issue for allow that from the user interface you can query the list of IPs in the CrowdSec blacklist set.
Another thing that we have in mind is that FWCloud-Agent uses the CrowdSec API for blocked IPs update from different sources. For example, imagine that you have FWCloud-Agent installed in your perimetral firewall cluster, and CrowdSec installed in all your servers (web, smtp, NextCloud, etc.). FWCloud-Agent could get the list of blocked IPs from each one of these servers and add them to the block list set of the perimetral firewalls, this way you will be able to block access from these malicious IPs in your perimetral firewall.
I hope that this answer your question, if not, let me know.
Fail2Ban and CrowdSec compatibility is independent of the method (ssh or FWCloud-Agent) used to apply the firewall policy into the destination firewall/cluster.
Then, if you enable the compatibility flag, it will go for both, ssh and FWCloud-Agent communication.
Then, if you enable the compatibility flag, it will go for both, ssh and FWCloud-Agent communication.
Yes, it will work.