Suricata 1.1 final release: network intrusion detection

Source: 开源中国社区 Author: 红薯

Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation (OISF) and the vendors that support it.

The engine is multi-threaded, has built-in IPv6 support, can load preset rule sets, and supports the Barnyard and Barnyard2 tools.

The main changes in Suricata 1.1 are as follows:

Notable Improvements

* performance improvements
  * new default pattern matcher
  * multi pattern matcher inspection of HTTP buffers
  * improved running modes
* accuracy was greatly improved
* improved logging
  * extended HTTP logging
  * support for stream event logging
* IPS improvements
  * inline mode for the stream engine
  * new keyword and running options for Netfilter based IPS
* removal of the unified1 output plugins (#353)

New features

* new keywords ssl_state, ssl_version (#258, #262)
* support for http_raw_header, http_stat_msg, http_stat_code and http_raw_uri keywords (#259, #260)
* new keyword support: nfq_set_mark
* support for the suppress keyword was added (#274)
* byte_extract keyword support was added
* new default pattern matcher, Aho-Corasick based, that uses much less memory and performs better
* fast_pattern & multi pattern matching support for HTTP buffers
* extended HTTP request logging for use with (among other things) http_agent for Sguil (#38)
* new counters in stats.log for flow and stream engines (#348)
* AF_PACKET support for high speed packet capture
* advanced fine-tuning of CPU affinity settings for enhanced multicore performance
* “replace” keyword support for IPS mode (#303)
* new “workers” runmode for multi-dev and/or clustered PF_RING, AF_PACKET, pcap
* added “stream-event” keyword to match on TCP session anomalies
* inline mode for the stream engine (#230, #248)
* included an example decoder-events.rules file
* pcap logging / recording output was added
* basic SCTP protocol parsing was added
* reference.config support as supplied by ET/ETpro and VRT
* smtp protocol parser and protocol detection were added
* better handling of detection for timed out TCP sessions
* improved protocol detection accuracy with additional support for port based detection
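To show how several of the keywords listed above fit together, here is a constructed example added by the editor; it is not part of the original announcement or of the Suricata project's own rule files. It contains three rules in the 1.x content-modifier syntax for a local rules file and one entry for threshold.config. The sids, addresses and message texts are placeholders, and the stream-event name is assumed to match the stream-events.rules shipped with this release.

```suricata
# Constructed local.rules for this example (placeholder sids in the local range)

# ssl_state / ssl_version: flag a ClientHello that still offers SSLv2,
# which a policy of the time would already have required clients to drop
alert tcp $HOME_NET any -> $EXTERNAL_NET 443 (msg:"EXAMPLE TLS ClientHello offering SSLv2"; flow:established,to_server; ssl_state:client_hello; ssl_version:sslv2; classtype:protocol-command-decode; sid:1000001; rev:1;)

# http_stat_code: match on the response status line only, not on the body
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"EXAMPLE web server returned HTTP 500"; flow:established,to_client; content:"500"; http_stat_code; classtype:web-application-activity; sid:1000002; rev:1;)

# http_raw_uri: inspect the URI as sent on the wire, before normalisation,
# so double-encoded traversal sequences remain visible to the signature
alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"EXAMPLE double-encoded directory traversal in raw URI"; flow:established,to_server; content:"%252e%252e/"; nocase; http_raw_uri; classtype:web-application-attack; sid:1000003; rev:1;)

# stream-event: alert on a TCP session anomaly reported by the stream engine
# (event name assumed to exist in this release's stream-events.rules)
alert tcp any any -> any any (msg:"EXAMPLE SYN/ACK seen in wrong direction"; stream-event:3whs_synack_in_wrong_direction; classtype:protocol-command-decode; sid:1000004; rev:1;)

# Constructed threshold.config entry: suppress sid 1000002 for responses
# delivered to the internal monitoring host 192.0.2.10 (a documentation address)
suppress gen_id 1, sig_id 1000002, track by_dst, ip 192.0.2.10
```

The rules file is listed under the rule-files setting of suricata.yaml and the suppress entry goes in the file named by threshold-file; both settings are standard suricata.yaml keys, with paths left for the reader to fill in. Note that in the 1.x syntax the HTTP keywords modify the content that precedes them, so `content:"500"; http_stat_code;` restricts that match to the status code buffer rather than the whole response.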

Fixes since 1.1rc1

* CUDA build fixed
* minor pcap, AF_PACKET and PF_RING fixes (#368)
* bpf handling fix
* Windows CYGWIN build
* more cleanups

Published: 2011-11-13 08:26 Source: 开源中国社区 Author: 红薯