Today wolfSSL Inc. releases the 4th preview release of wolfSentry, wolfSSL’s IDPS (Intrusion Detection and Prevention System) for embedded and IoT systems. wolfSentry is address- and bus-agnostic, and brings static and dynamic firewalls, event-driven notification and logging support, and unlimited extensibility to deeply embedded and realtime systems.
This release has several new features of note:
- The JSON configuration format now allows user-defined key-value pairs. The JSON configuration can then be used as a unified configuration package for both the wolfSentry core and user-installed plugin logic. Binary objects can be supplied in the configuration using base64 encoding, and user plugins can then access them in decoded raw binary form. The key-value facility also supports a custom validator callback to enforce constraints on user-defined config parameters in the JSON.
- User-defined address families are now available, allowing idiomatic formats for non-Internet addresses in the JSON config. This allows plugin support for various buses and device namespaces beyond the core builtin IP and MAC address support.
- A generic JSON DOM (random access) facility is now included, for use as a helper in user plugins and applications.
- This release also introduces substantial improvements in infrastructure to support default policies, statistics, notification, and logging.
Because this is a preview release, some capabilities are only partially implemented, in particular dynamic defenses and thread safety.
Follow this blog and our GitHub for the latest — the first production-ready release of wolfSentry is coming soon!
We particularly seek to enable researchers with this release. We want wolfSentry to be fully vetted by the best in the OSS community. If you have any questions or run into any issues, contact us at facts@wolfssl.com, or call us at +1 425 245 8247.
Download wolfSentry now from https://github.com/wolfSSL/wolfsentry, and tell us what your IDPS priorities are!