intrusion detection monitoring

We have a client who currently spends 4k per month with Alert Logic for monitoring and intrusion detection. We want to help minimize this cost with a similar solution. Can anyone suggest a similar product or solution? We would ideally like to put our own equipment in, and have it send us alerts when necessary.

Any thoughts?
arober11 Commented:
None of the solutions on their own will get you through a PCI-DSS audit, as they obviously can't: produce an incident handling / resolution plan, harden your servers themselves, perform background checks on staff, stop credentials being shared, physically restrict access to the server, stop an application persisting card details or security codes, enforce multi-factor authentication on the servers, or remove unnecessary services / utilities from them...

But I have used: Tripwire, CA-Agentless, F5-BigIP and several other toys in combination, at one multi-billion on-line set-up, to tick a number of the monitoring and access limitation boxes. The commercial version of Tripwire does a spot audit of your servers / devices and provides a list of hardening recommendations, as well as the ability to alert on a configuration change, so a good starting point.
There are many options. We currently are running a Tipping Point (from HP) IPS/IDS device at our primary site as well as having an IPS module in our Cisco at our DR site.
Also worth a look: Tripwire, and there is a free, if older, variant; also on the free front, have a look at AIDE.

On the monitoring front, if you're also after general network / traffic stats, then there are numerous solutions: Nagios, CA-Agentless (IP mirror), Cacti, Smokeping, IBM Tivoli...
Try Snort / OSSEC.
skyadmin (Author) Commented:
Thanks for the input guys, I forgot to mention they need to be PCI compliant. Do these solutions offer this?