Infrastructure Supervision Project: Multi-Site Network Monitoring with Zabbix, Wazuh, and pfSense

In a recent cybersecurity training project at Guardia Cybersecurity School, a team implemented a comprehensive multi-site network monitoring infrastructure using cutting-edge tools. The project focused on real-time performance tracking, security monitoring, and network availability.

Key Technologies Deployed:

  • Zabbix: For system and network resource monitoring
  • Wazuh: For log analysis and intrusion detection (IDS)
  • pfSense: As a centralized firewall and router
  • Agents: Deployed across all machines for complete coverage

You Should Know:

1. Zabbix Configuration for Multi-Site Monitoring

To deploy Zabbix in a distributed environment:

# Install Zabbix agent on Linux nodes
sudo apt-get update
sudo apt-get install zabbix-agent

# Configure Zabbix agent
sudo nano /etc/zabbix/zabbix_agentd.conf

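Set the following parameters. Server is the allowlist of addresses permitted to query this agent, so point it at the Zabbix server only; Hostname must be unique across all sites: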

Server=<Zabbix-Server-IP> 
Hostname=<Unique-Client-Hostname> 

Restart the service:

sudo systemctl restart zabbix-agent 
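
As a check to run before that restart, this added example (not part of the original post or of Zabbix) audits an agent config for leftover template placeholders, an unset or any-source Server allowlist, and a missing Hostname. The helper names conf_value and audit_zabbix_conf are assumptions, and the sample config is constructed.

```shell
#!/bin/sh
# Added example: conf_value and audit_zabbix_conf are hypothetical helper names.

# Print the value of the last active (uncommented) "Key=value" line in a file.
conf_value() {  # $1 = key, $2 = file
    sed -n "s/^[[:space:]]*$1[[:space:]]*=[[:space:]]*//p" "$2" |
        tail -n 1 | sed 's/[[:space:]]*$//'
}

# Return 0 when Server/Hostname look deployable, 1 otherwise; findings on stdout.
audit_zabbix_conf() {
    azc_rc=0
    azc_server=$(conf_value Server "$1")
    azc_host=$(conf_value Hostname "$1")

    if [ -z "$azc_server" ]; then
        echo "FAIL Server is unset: no host is allowed to run passive checks"
        azc_rc=1
    fi
    # Server= is a comma-separated allowlist (IPs, CIDR ranges, DNS names).
    while IFS= read -r azc_entry; do
        case $azc_entry in
            '') ;;
            *'<'*|*'>'*) echo "FAIL Server holds a template placeholder: $azc_entry"; azc_rc=1 ;;
            0.0.0.0/0|::/0) echo "FAIL Server accepts any source: $azc_entry"; azc_rc=1 ;;
        esac
    done <<EOF
$(printf '%s\n' "$azc_server" | tr ',' '\n' | tr -d ' \t')
EOF
    # The page sets Hostname explicitly, so an unset value is a finding here
    # (Zabbix itself would fall back to HostnameItem).
    case $azc_host in
        '') echo "FAIL Hostname is unset: set a name unique across all sites"; azc_rc=1 ;;
        *'<'*|*'>'*) echo "FAIL Hostname holds a template placeholder: $azc_host"; azc_rc=1 ;;
    esac
    return "$azc_rc"
}

# Constructed sample: the template values left unedited.
sample=$(mktemp)
printf 'Server=<Zabbix-Server-IP>\nHostname=<Unique-Client-Hostname>\n' > "$sample"
audit_zabbix_conf "$sample" || echo "fix the findings before restarting zabbix-agent"
rm -f "$sample"
```

On a real node, call `audit_zabbix_conf /etc/zabbix/zabbix_agentd.conf` and restart the agent only when it returns 0.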

2. Wazuh for Log Analysis & IDS

Deploy Wazuh agents for security monitoring:

# On Linux systems
curl -so wazuh-agent.deb https://packages.wazuh.com/4.x/apt/pool/main/w/wazuh-agent/wazuh-agent_4.7.0-1_amd64.deb
sudo dpkg -i wazuh-agent.deb
sudo systemctl start wazuh-agent

Configure Wazuh manager IP:

sudo nano /var/ossec/etc/ossec.conf 

3. pfSense Firewall Rules for Secure Monitoring

To allow Zabbix/Wazuh traffic:

Navigate to the pfSense Web UI:
Firewall > Rules > Add

– Protocol: TCP
– Source: Zabbix/Wazuh Server IP
– Port: 10050 (Zabbix), 1514 (Wazuh)

4. Automated Alerting Setup

In Zabbix, configure triggers for critical events:

# Example: High CPU alert
{Template OS Linux:system.cpu.util[,user].avg(5m)}>90

What Undercode Say:

This project demonstrates the power of integrating Zabbix, Wazuh, and pfSense for enterprise-grade infrastructure monitoring. Key takeaways:
– Distributed monitoring requires proper agent deployment and firewall rules.
– Real-time alerts improve incident response time.
– Centralized logging (via Wazuh) enhances threat detection.

Prediction:

As networks grow more complex, AI-driven anomaly detection will integrate with tools like Zabbix and Wazuh for predictive threat analysis.

Expected Output:

A fully monitored infrastructure with real-time alerts, log analysis, and centralized security policies.

Note: Commands and configurations are verified for Linux-based systems. Adjust for Windows where necessary (e.g., Zabbix MSI installer).

References:

Reported By: Yani Hamoumat – Hackers Feeds