SnortSam, where have you been all my life?

I have been using Snort for years and years. A couple years ago I started messing with Snort_inline. Great concept, works beautifully. The downside is that Snort only works in inline mode when used in conjunction with iptables. Recently I was tinkering with a Linux box in VMware's Virtual Server and I was trying to get Snort_inline to work, alas to no avail. (Side note: if you haven't played with Virtual Server, you don't know what you're missing. Go get it now and download some of the Virtual Appliances. You won't be disappointed.) So I decided to take a look at SnortSam, a tool that I've had on my list of things to mess with for ages, but I just never got around to it. One word: wow. The possibilities for things you can do with Snort and SnortSam are nearly endless. It took a few minutes to get configured correctly and there were a couple of failed attempts on my part before I finally got it configured the way I wanted. All told about 20 minutes. It affords the opportunity to leverage just about any existing infrastructure and quickly create a full-blown IPS network. SnortSam is now on my short list of invaluable tools.