skyadmin
asked on
intrusion detection monitoring
We have a client who currently spends 4k per month with Alert Logic for monitoring and intrusion detection. We want to help minimize this cost with a similar solution. Can anyone suggest a similar product or solution? We would ideally like to put our own equipment in, and have it send us alerts when necessary.
Any thoughts?
There are many options. We are currently running a TippingPoint (from HP) IPS/IDS device at our primary site, as well as having an IPS module in our Cisco router at our DR site.
Also worth a look: Tripwire, and there is a free, if older, variant. Also on the free front, have a look at AIDE.
On the monitoring front, if you're also after general network / traffic stats, then there are numerous solutions: Nagios, CA-Agentless (IP mirror), Cacti, SmokePing, IBM Tivoli...
Try Snort / OSSEC.
ASKER
Thanks for the input, guys. I forgot to mention they need to be PCI compliant; do these solutions offer this?