This is for inter-VLAN monitoring mostly. There's already an IPS at the perimeter. I've been using Security Onion for the past few months, but it's really more than what we need; We're a pretty small operation, and I have the sensor and collector all on the same physical box connected to a SPAN port. Is there an Easy-Bake Oven of IDS out there? I had thought about pfSense with Snort, but using a firewall distro in that way seems like using a saw in place of a hammer. Preferably, I need something with a pretty GUI so the less CLI savvy people here don't feel overwhelmed. Thanks.
No comments:
Post a Comment