Intrusion Protection software recommendations...

I'm researching Intrusion Detection Software for an SBS 2011 server.  Has anyone utilized a particular IDS for SBS 2011 for more than or close to a couple of years since SBS 2011's release successfully and if so, what brand and version?  Thanks.
eitconsultingAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Mohammed KhawajaManager - Infrastructure:  Information TechnologyCommented:
TippingPoint (HP)
SourceFire
IBM ISS Proventia

They are all appliances, are expensive and you need to look at your requirements and features  that each one provides to ensure it meets your needs.
0
dipopoCommented:
Try looking at SNORT. It is opensource and very good indeed, works with Windows and using WinPcap. Depending on your topology, you may need to create a SPAN port on your switch to aggregrate traffic onto a port and connect a NIC from your server to the port, WinPcap should put the NIC in promiscous mode voila you can now sniff everything and based on what you decide in your "Ruleset" generate alerts or actions.

http://www.snort.org/
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
gheistCommented:
I am using IPS as opposed to IDS
0
The Firewall Audit Checklist

Preparing for a firewall audit today is almost impossible.
AlgoSec, together with some of the largest global organizations and auditors, has created a checklist to follow when preparing for your firewall audit. Simplify risk mitigation while staying compliant all of the time!

eitconsultingAuthor Commented:
@gheist    IPS and IDS are different and I am reconsidering using both.  However, IPS appears to be embracing more and more IDS functionality but just isn't there yet.  I'm currently looking at SO (Security Onion) as the IDS as well as a separate IPS.
http://blogs.cisco.com/security/ids_and_ips/ 
http://www.networkworld.com/weblogs/security/005784.html
0
gheistCommented:
Do you trust compromised IDS to D the I?
0
Pankaj_401Commented:
You can Deploy complete monitoring software in you network which will audit your all severs like AD, Exchange and file server in order to get alert for any security breach with in a network
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Security

From novice to tech pro — start learning today.