Solved

ids/ips solution for small business

Posted on 2011-02-17
4
984 Views
Last Modified: 2013-11-29
Can you someone recommend an IDS/IPS solution for small business? They can't afford a expensive solution. We want to be able to protect and the monitor layer 7.


thanks
0
Comment
Question by:officertango
  • 2
4 Comments
 

Accepted Solution

by:
dhblane earned 250 total points
ID: 34921959
You should take a look at snort.

Snort is free open source software and when combined with a front-end like Snorby extremely easy to monitor.  Rules for snort are regularly updated and you can get a lot of additional ones from a variety of feeds, bleeding snort is particularly good.
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 250 total points
ID: 34922572
I assume you want to cover layers 3-7, Suricata, Snort or Bro IDS's are all very good at monitoring. You can use those three in an inline mode as an IPS to block, or use SnortSam to update firewall rules to block based on what the IDS's are reporting. All three above are free but have many offerings to help impliment, tune and even manage. IDS's are prone to false positives, and none work for everyone right out of the box, they all need tuned to your environment.
Some organizations use Snort/Suricata/Bro on the inside of the network to see if threats make it in, or are going out and then worry about tracking down a false positive or false negative. Installing an IDS on the outside, there are a lot of false positives that happen on the internet that will send your IDS into a tizzy.
-rich
0
 

Author Comment

by:officertango
ID: 34971062
does SnortSam works with juniper firewall, ssg5?
0
 
LVL 38

Expert Comment

by:Rich Rumble
ID: 34971132
Says they do: http://www.snortsam.net/
I don't have any myself so I'm not certain, but it is a good application.
-rich
0

Featured Post

VMware Disaster Recovery and Data Protection

In this expert guide, you’ll learn about the components of a Modern Data Center. You will use cases for the value-added capabilities of Veeam®, including combining backup and replication for VMware disaster recovery and using replication for data center migration.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Enterprise Password Manager Suites as well as Local Password managers are covered in this article.
With healthcare moving into the digital age with things like Healthcare.gov, the digitization of patient records and video conferencing with patients, data has a much greater chance of being exposed than ever before.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

809 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question