User testimonial with Yannick from Siegler Informatique
A short while ago, we sat down with Yannick Siegler, one of CrowdSec’s early spotters and most involved community member.
Hi Yannick. Can you tell us a little bit more about yourself and your company?
I have been an auto-entrepreneur for several years. I run my own company, Siegler Informatique, offering managed services and VPS. I look after 40 servers hosting websites and emails as well as their security, back-ups and also fix system issues. Beyond my managing role, I am a system administrator on a daily basis.
How did you find out about CrowdSec and what caught your attention?
I discovered the solution via an article published on Korben’s blog. I was using Fail2ban at that time to protect my servers. The program was working well but had difficulties ingesting large volumes of logs when there was a lot of activity. So I tested CrowdSec which proved to be much more responsive in handling large amounts of logs. This increased responsiveness, along with better flexibility was the starting point. I also needed to build larger IP whitelists, which was quickly achievable with CrowdSec. That’s how it all started.
What does the solution help you achieve?
I really appreciate the performance level of the tool and the modularity in the possible choices: where to parse, where to apply a ban etc. The deployment of the centralized solution is also very practical and efficient. For example, with a single command, I can unblock all the servers at once, share a ban list, etc. This is a considerable time-saver.
Today, I have a daily ban list of 1849 IPs on average in IPv4. I have created a site showing all the bans in real time and there is a lot of activity! I also added a function to unblock IPs on the servers if needed to avoid false positives.
A word for the end?
I would like to highlight the permanent availability of the CrowdSec team, whether on their Gitter channel or on their forum. Their reactivity and the continuous guidance they provide allowed me to get to grips with the tool very quickly and to be able to make my contributions. After a test phase, I decided to deactivate Fail2ban and deploy CrowdSec on all the servers managed by my company and it works really well!