Cyber security setup/tools

Hi,

I have a small business: 2 servers, IoT devices, up to 10 endpoints, Cisco switch CBS350-24FP, SG5100 pfSense firewall with Snort & pfBlockerNG, Bitdefender elite for endpoints.

More out of interest than necessity, I would like to achieve the following:

  • More centralized view for network overview, detection, analysis and (auto)response across my network and endpoints
  • Ideally, full decryption of HTTPS

I was looking at a Cisco solution (Cisco Firepower 1010, Cisco FPR1010 Small Business Edition Threat Defense Threat - Malware - URL, Cisco AMP), which would be a couple of thousand dollars. Not 100% sure that this would cover the needs fully.

Any advice is welcome on:

  • hardware/software combinations as I’m a bit lost in the wide range of options. Happy to consider open source and/or commercial products.
  • other advised security tools

Cheers,
John

PS: Big thanks for the YouTube channel, it really helped and got me interested in more each time 🙂

For your first bullet, it sounds like Zabbix would be a good fit. It’s a really great tool and provides more than just network overview. Zabbix 6.0 LTS was just released Feb 8th 2022. And Tom did a nice YT video on Zabbix 4.0 LTS back in I think it was 2018?

I’m not sure what you mean by

Could you expand a little bit on what you mean by that?


Thanks Tmi! I’ll have a look 🙂

I meant the ability to decrypt HTTPS traffic, inspect it, encrypt it again and send it to the destination server.

Zabbix does network monitoring, but we use tools such as SentinelOne, Huntress and Zorus for monitoring and filtering. There are not really any open source tools that are easy to use or to manage when it comes to cyber security and web filtering. This is what a lot of businesses hire us to take care of.
