[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1112
  • Last Modified:

ids/ips solution for small business

Can you someone recommend an IDS/IPS solution for small business? They can't afford a expensive solution. We want to be able to protect and the monitor layer 7.


thanks
0
officertango
Asked:
officertango
  • 2
2 Solutions
 
dhblaneCommented:
You should take a look at snort.

Snort is free open source software and when combined with a front-end like Snorby extremely easy to monitor.  Rules for snort are regularly updated and you can get a lot of additional ones from a variety of feeds, bleeding snort is particularly good.
0
 
Rich RumbleSecurity SamuraiCommented:
I assume you want to cover layers 3-7, Suricata, Snort or Bro IDS's are all very good at monitoring. You can use those three in an inline mode as an IPS to block, or use SnortSam to update firewall rules to block based on what the IDS's are reporting. All three above are free but have many offerings to help impliment, tune and even manage. IDS's are prone to false positives, and none work for everyone right out of the box, they all need tuned to your environment.
Some organizations use Snort/Suricata/Bro on the inside of the network to see if threats make it in, or are going out and then worry about tracking down a false positive or false negative. Installing an IDS on the outside, there are a lot of false positives that happen on the internet that will send your IDS into a tizzy.
-rich
0
 
officertangoAuthor Commented:
does SnortSam works with juniper firewall, ssg5?
0
 
Rich RumbleSecurity SamuraiCommented:
Says they do: http://www.snortsam.net/
I don't have any myself so I'm not certain, but it is a good application.
-rich
0

Featured Post

 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now