Simply a no-brainer service to run on any public-facing servers
- Provides great integrations with tools you already use, such as fail2ban, Cloudflare, WordPress, NGINX, Linux Firewalls, etc.
- Lightweight agents can run on individual servers and report to a main security engine so that if there's an attack on one server and a block is implemented, the entire network can be protected
- There are a lot of ways to receive alerts and store logs
- CrowdSec Central API is a nice way to manage everything externally
Cons
- Getting CrowdSec to run on OPNsense can be a challenge, but that's also a limitation of the OS
- You can only subscribe to a couple of feeds before paying an unknown amount of money that's part of their "Enterprise" package. So, there could be better transparency.
- It flat-out blocks malicious IPs from accessing any PC on my network.
- Its free tier makes this a no-brainer to implement