Open Source Versus Commercial Products
Both of us are employees of Cisco Systems, and we use their security products. Because we are giving you advice based on our experience, you will find many references to Cisco products. We use open source tools when they meet a specific need, and reference them enthusiastically when they work well. Open source products are featured in Richard Bejtlich’s book, The Tao of Network Security Monitoring (Addison-Wesley Professional), which covers the use of security monitoring tools such as Snort, Bro, Argus, Sguil, and dozens of others. It is a great reference for those who have not already built, or are looking to enhance, their monitoring infrastructure. This book intends to help readers get the most out of their security monitoring tools, whichever products they choose.