Obfuscating outbound traffic via a Suricata "firewall"
For a few years now, some cloud service providers have resorted to using the open-source Suricata network analysis software inline to detect and block malicious outbound traffic. This, of course, works on known indicators. It is worth quoting from this article: "By the time an IOC has been published