Intrusion Detection and Prevention

Register or login to post to the forum.
20 Oct, 2015 14:22

Notes on IDS/IPS systems. Note security changes DAILY so YOU are responsible to verify if anything in this thread still applies. But tools to test that will hopefully also be listed in the thread. smile

20 Oct, 2015 14:47

Intrusion Prevention Systems

Low cost

  1. https://sucuri.net/ Securi functions as a web site firewall basically so you point your DNS at it and then it routes and monitors traffic between your site and the Internet. Best value for most sites.

Medium cost

roll your own using one of the following which you can google for more info Time = Money so figure out if this is the route you want to take. But....

  1. IDS/IPS - SNORT - https://www.snort.org/
  2. IDS = Ossec - http://www.ossec.net/

Higher End and Expensive - You Control It

  1. Alert Logic Threat Manager for AWS https://aws.amazon.com/marketplace/pp/B00DZYG3D6

Higher End and Expensive - They Control It

Host with a provider that offers PCI compliant as most of PCI compliance is actually the network configuration.

  1. https://www.armor.com/ (formerly Firehost)
  2. https://aws.amazon.com/compliance/

PCI compliance FYI

Yes the application software must be secure, but that is only a small portion of the actual security and logging needed to monitor a network.

For example, we log as much as the servers let us and push it to remote locations for auditing. But please note at this time Tendenci itself does not offer PCI compliant hosting services, we work with partners for that. You can learn more about PCI at https://www.pcicomplianceguide.org/about-pci-compliance-guide/

And of course unlike the competition, Tendenci Association Management Solutions are Open Source. So you can retain complete control and set it up yourself at the hosting provider of your choice. Source code on github at https://github.com/tendenci/tendenci and documentation at https://tendenci.readthedocs.org/en/latest/

Edited 20 Oct, 2015 14:50