Hi.
Would it be plausible to 'integrate' an IDS / IPS "package" into RouterOS 7 ?
I know it would be both CPU & storage-wise expensive. That said, I propose it as a package, and aimed at x86 / CHR (virtualized) & up-scaled Mikrotik Hardware.
I know you can of course stream IP traffic & mirror(L2) off to a 'SEPARATE' box(Snort e.t.c.) to look at traffic, and you can even feed back to RouterOS data to close down bad flows/IP's ETC.
Having played recently with pFSense and the ease of adding Snort and Suricata into 1 piece of hardware OR virtualized instance, makes security much more streamlined.
For me, being able to add it to a Captive Portal/Hotspot for a large client base is my take on this point of view, but there are plenty of other areas of application for an "integrated IDS/IPS"
Thoughts ?