My boss handed me this article on "Safeguarding Corporate Information". It talks about how new laws require companies that store data about individuals to have adequate security procedures and practices in place to not only protect the data but to also allow for prompt alerting when attacks and intrusions take place.
She asked me to look at it and see if our network meets the standards set forth in the article. After reading it, I'd have to say that it does not.
While we take reasonable measures to protect private data, we do not have systems in place that alert us if an intrusion takes place.
Which means that now I should probably start looking at Intrusion Detection Systems and other means to prevent intrusions and to collect the data necessary to meet the requirements of these laws.
Anyone know of any good IDS systems that are relatively easy to set up, that work well and don't cost an arm and a leg? I'd say anything above $5000 is right out, with $2500-$3000 being a good goal for a business this size.
Also, I was talking to some colleagues today about their plans for security of their network and they were told that Microsoft's ISA is a rock solid security solution. I don't particularly like application firewalls like that or Checkpoint because they are expensive and run ontop of a multipurpose OS (Windows). These tend to crash more often than the OS on a Netscreen for instance, are more complicated to set up and keep patched and are just plain harder to manage because if you have a problem, you have 3 vendors you need to call: the firewall vendor, the OS vendor and the hardware vendor. Whereas, with a firewall like a Cisco Pix, Netscreen or SonicWall, you have a single point of contact.
Anyhow, if anyone knows of any good IDS solutions that meet the requirements that I outlined above, please let me know.
http://snort-inline.sourceforge.net/
Intrusion detection and prevention.
Posted by: Adnan Wasim | Thursday, April 14, 2005 at 02:51 PM
I think you're looking for something like TripWire (http://www.tripwire.com/), which is around $1000 per server, last time I checked.
Posted by: David | Tuesday, May 03, 2005 at 02:26 PM
We make something that's really easy to set up, works across routers/switches, and can cost as little as $1000. Check out http://www.neon.com/CSwin.html and download the free trial. (We've won 4 Editor's Choice awards in the last year -- and were just nominated for TechEd Best of Show, to be awarded next week.)
Posted by: Craig | Wednesday, June 01, 2005 at 01:43 PM