Like lots of network administrators, Gerald Posey would love to install commercial firewalls, IDSes and vulnerability assessment tools on his system. But he can't. His law enforcement agency in Louisiana lacks the money and manpower to guard an entire network, so instead he looks for less expensive options--free ones, actually. "We're looking for tools that are 'reasonably priced,'" jokes Posey, a data processing operations manager.. . .
Like lots of network administrators, Gerald Posey would love to install commercial firewalls, IDSes and vulnerability assessment tools on his system. But he can't. His law enforcement agency in Louisiana lacks the money and manpower to guard an entire network, so instead he looks for less expensive options--free ones, actually. "We're looking for tools that are 'reasonably priced,'" jokes Posey, a data processing operations manager.

To help protect his hybrid network, Posey is investigating open-source tools such as the Snort IDS for network security and the Linux Intrusion Detection System (LIDS) and the freeware version of Tripwire for host security.

Posey plans to use these tools to supplement the firewall now protecting his network, which consists of one data center, 10 remote sites, an AS/400 midrange server and two NT servers. More is planned under a new, security-conscious administration determined to meet state privacy regulations, but the initiative comes after Posey's IT staff was slashed in half. "So we're having to do more with less, and we're having to rely more on the technology to monitor and maintain our security, where before we had more individuals assigned to do that."

Posey's situation is familiar to IT security managers charged with protecting their networks on limited (or nonexistent) budgets. When it comes to security, there's never enough money to do everything you want to. Most security practitioners are intimately familiar with the concept of "doing more with less." Where funding is lacking for an important security project, many turn to the Internet, which is chock-full of robust freeware tools and time-tested advice for securing enterprise networks and systems.