Re: Intrusion Detection recommendations

[Mel Beckman <mel () beckman org>]

Unless you need regulatory-grade IDS, your best bet is a Unified Threat Management (UTM) appliance, essentially any 
modern enterprise grade firewall such as a Cisco ASA, Fortigate, SonicWall, etc. These all have built-in IDS/IPS 
options for a fee.

 -mel

On Feb 13, 2015, at 9:40 AM, Andy Ringsmuth <andy () newslink com>
 wrote:

> NANOG'ers,
>
> I've been tasked by our company president to learn about, investigate and recommend an intrusion detection system for 
> our company.
>
> We're a smaller outfit, less than 100 employees, entirely Apple-based. Macs, iPhones, some Mac Mini servers, etc., 
> and a fiber connection to the world. We are protected by a FreeBSD firewall setup, and we stay current on 
> updates/patches from Apple and FreeBSD, but that's as far as my expertise goes.
>
> Initially, what do people recommend for:
>
> 1. Crash course in intrusion detection as a whole
> 2. Suggestions or recommendations for intrusion detection hardware or software
> 3. Other things I'm likely overlooking
>
> Thank you all in advance for your wisdom.
>
>
> ----
> Andy Ringsmuth
> andy () newslink com
> News Link – Manager Technology & Facilities
> 2201 Winthrop Rd., Lincoln, NE 68502-4158
> (402) 475-6397    (402) 304-0083 cellular