[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Intrusion Detection recommendations

Subject: Intrusion Detection recommendations
From: randy at psg.com (Randy Bush)
Date: Sat, 14 Feb 2015 17:38:54 +0900

> I've been tasked by our company president to learn about, investigate and
> recommend an intrusion detection system for our company.
> 
> We're a smaller outfit, less than 100 employees, entirely Apple-based.
> Macs, iPhones, some Mac Mini servers, etc., and a fiber connection to the
> world. We are protected by a FreeBSD firewall setup, and we stay current
> on updates/patches from Apple and FreeBSD, but that's as far as my
> expertise goes.
> 
> Initially, what do people recommend for:
> 
> 1. Crash course in intrusion detection as a whole
> 2. Suggestions or recommendations for intrusion detection hardware or
>    software
> 3. Other things I'm likely overlooking

if you were comfortable enough with freebsd to use it as a firewall, you
can run your traffic through, or mirror it to, a freebsd box running
   https://www.bro.org/ or
   https://www.snort.org/
two quite reasonable and powerful open source systems

randy

Follow-Ups:
- Intrusion Detection recommendations
  - From: mysidia at gmail.com (Jimmy Hess)

Prev by Date: GTT NOC
Next by Date: Intrusion Detection recommendations
Previous by thread: Intrusion Detection recommendations
Next by thread: Intrusion Detection recommendations
Index(es):
- Date
- Thread