Intrusion Prevention recommendations?

edodd40
edodd40 used Ask the Experts™
on
Looking for recommendations for a good intrusion prevention system.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
On what??

At clients, we use VPN routers set up for basic intrusion detection.

On servers and on workstations, we use Symantec Endpoint Protection which has good intrusion detection.

All the above works.

Here is where any system fails:

1. People go to dodgy links. Since the person clicked, there is little or no protection.
2. People open emails from unknown sources. Too late at this point.

Author

Commented:
Sorry, I should have been more specific. I am looking for a solution for servers and workstations.
Can you please provide your requirement?
Ensure you’re charging the right price for your IT

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
As I noted, we use Symantec Endpoint Protection which has very good built-in Intrusion Detection.
I rather use ESET instead of Symantec.  ESET doesn't cause slowdows that Symantec sometimes does while a user is working.  It still does slow down the system during scans, but it doesn't take over a system like symantec sometimes does.

At your border, you should get something like a Fortigate or Sonicwall with VPN and IDS capabilities at the border.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018
Commented:
Newest version of Symantec is very fast and does not cause slowdowns.
How new?  Recently new?  It took them long enough.  Almost everything else major was just better for so many, many years.  I'll wait until it's been proven for a stretch before ever considering recommending them.

The slowdowns on ESET are only noticeable when you run intensive calculations or disk access and you realize that the process took a bit longer than it normally did.  Symantec has historically frozen the system at times and made it unusable until their scan finished.  There were so many complaints at places that had it installed.  It was a just pain to deal with.  I've known many other sysadmins that would choose anything but Symantec.
JohnBusiness Consultant (Owner)
Most Valuable Expert 2012
Expert of the Year 2018

Commented:
Symantec has historically frozen the system at times and made it unusable until their scan finished  <-- Such never happened to me. I am using Windows 10 and need the newest version of SEP but any version of SEP in the past 36 months worked well for me.

I have heard the stories above as well - many times.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial