BlueOnyx Rampart released
BlueOnyx Rampart unifies Suricata, EveBox, and CrowdSec into a single, intelligent security suite for BlueOnyx and Aventurin{e} servers. It delivers real-time intrusion detection, behavioral analysis, and automated threat blocking - all managed directly through the BlueOnyx GUI. Whether protecting a single server or an entire Aventurin{e} cluster, Rampart turns your infrastructure into a self-learning, adaptive defense system.
BlueOnyx Rampart
BlueOnyx Rampart is the new unified security framework for BlueOnyx servers and Aventurin{e} virtualization nodes. It seamlessly integrates three powerful open-source technologies—Suricata, EveBox, and CrowdSec—into a single management interface within the familiar BlueOnyx GUI. Together, they provide a layered defense architecture that monitors, analyzes, and reacts to security threats in real time, turning every BlueOnyx system into an intelligent, self-defending fortress.
Suricata serves as the deep-packet inspection and intrusion detection engine, inspecting traffic at wire speed and generating detailed security events for every connection. EveBox complements this with a robust event database and intuitive dashboards, enabling administrators to visualize network activity, investigate incidents, and correlate alerts across time and systems. CrowdSec adds the collaborative layer—an adaptive intrusion-prevention system that analyzes behavioral patterns and shares verified malicious IPs with the global CrowdSec community. Suspicious hosts can be automatically blocked, quarantined, or flagged for manual review directly from the BlueOnyx GUI.
 |
 |
 |
 |
 |
 |
Benefits on Aventurin{e} Nodes
When deployed on Aventurin{e} 6110R or later, BlueOnyx Rampart extends its protection across all hosted Incus containers and VMs. Each tenant’s traffic is analyzed individually, giving node administrators real-time insight into attacks targeting specific services or virtual environments. The integration leverages Aventurin{e}’s multi-tenant architecture to correlate Suricata and CrowdSec data per instance, offering both macro-level and granular visibility. Rampart transforms the Aventurin{e} host into a centralized security control plane—simplifying incident management, reducing attack surface, and providing actionable intelligence for every tenant environment.
Benefits on Stand-Alone BlueOnyx Systems
For stand-alone BlueOnyx servers, Rampart delivers enterprise-grade network monitoring and threat mitigation without external dependencies. Administrators gain real-time dashboards for intrusion detection, visual forensics, and dynamic blocking—all directly from the GUI. CrowdSec’s local decision engine automatically adapts to evolving attack patterns, while shared intelligence from the CrowdSec network enhances protection against global threats. The result is a resilient, self-updating security layer that continuously learns, reacts, and improves—ideal for mail, web, and application servers operating independently or as part of a distributed BlueOnyx deployment.
Unified and Efficient Security
Because Rampart is fully integrated with the BlueOnyx configuration engine (CCE), it requires no manual configuration of complex YAML files or external dashboards. Suricata rule sets, EveBox databases, and CrowdSec scenarios are managed automatically through BlueOnyx’s RPM updates and GUI options. Whether installed on a single system or deployed across an Aventurin{e} cluster, BlueOnyx Rampart empowers administrators with visibility, automation, and collective intelligence—ensuring that BlueOnyx servers remain secure, adaptive, and ready for the challenges of modern Internet threats.
Availability
BlueOnyx Rampart is available as stand alone subscription product in the BlueOnyx shop and it is also available as part of the BlueOnyx Enterprise Edition.
← Return