wolfSentry, the wolfSSL Embedded IDPS

The embedded systems community has long sought a top quality, super flexible, made-with-love IDPS. Today, wolfSSL answers the call, with our first preview release of wolfSentry, the IDPS (Intrusion Detection and Prevention System) for embedded and IoT systems.

Included in this preview are:

  • Support for Linux, BSD, MacOS X, and Deos, on 32- and 64-bit x86 and PPC targets.
  • Programmatic insertion, deletion, and enumeration of static firewall rules.
  • Evaluation of static firewall rules, with prefix and wildcard matching, enabling basic application call-ins.
  • Integration into wolfSSL, using a new --enable-wolfsentry option, demonstrating simple pre-negotiation filtering of new connections.

Because this is a preview release, many capabilities are only partially implemented. Configuration and querying by textual blobs, dynamic defenses, plugin actions, and thread safety are coming soon.

Follow this blog and our GitHub for the latest, as we will make quick work of these features!

Also coming soon is support for more target ecosystems, including AUTOSAR, FreeRTOS, VxWorks, QNX and other key embedded environments.

We particularly seek to enable researchers with this release. Let us know what you think, or ask us about our plans, and we’ll respond. We want wolfSentry to be fully vetted by the best in the OSS community.

Download wolfSentry now from https://github.com/wolfSSL/wolfsentry, and tell us what your IDPS priorities are! If you have feedback or questions, or are interested in using wolfSentry in your project, contact us at facts@wolfssl.com!