I have a small business: 2 servers, IoT devices, up to 10 endpoints, a Cisco CBS350-24FP switch, an SG5100 pfSense firewall with Snort & pfBlockerNG, and Bitdefender Elite for endpoints.
More out of interest than necessity, I would like to achieve the following:
- A more centralized view for network overview, detection, analysis and (auto)response across my network and endpoints
- Ideally, full decryption of HTTPS
I was looking at a Cisco solution (Cisco Firepower 1010, Cisco FPR1010 Small Business Edition Threat Defense Threat - Malware - URL, Cisco AMP), which would be a couple of 1000 dollars. I'm not 100% sure that this would cover the needs fully.
Any advice is welcome on:
- hardware/software combinations, as I'm a bit lost in the wide range of options. Happy to consider open source and/or commercial products.
- other advised security tools
PS: Big thanks for the YouTube channel; it really helped and got me interested in more each time.