I'd recommend that you obtain specialized devices to fill each role on your network. It's a best practice to have...
a dedicated router filing the router role, and it'll be better yet if you can purchase a hardware router, rather than building one on a FreeBSD server. Similarly, you should have a separate device acting as your IDS sensor.
The reason for all of this? Minimizing complexity. A more complex networking environment increases the chances of something going wrong and makes it more difficult to troubleshoot network problems.
Dig Deeper on Open Source Security Tools and Applications
Related Q&A from Mike Chapple
Encrypting data going to the cloud is a security best practice, but does it add extra challenges for regulators that might need to access the data? ...continue reading
Merchants that sell at off-site venues need to take extra care to follow PCI compliance standards. Expert Mike Chapple discusses how organizations ...continue reading
The FTC's order for PCI DSS compliance assessments is odd since PCI isn't a government regulation. Expert Mike Chapple explains the motivation ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.