Creating an Open Source Self Defending Network

Presented at BSidesChicago 2013 by

Defense-in-depth is a security concept in which you deploy multiple “layers” of defense on your network, each one protecting pieces that may have been missed by another. But these layers often operate independently, going about their business without interacting with one another. Using a few pieces of open source software – specifically OSSEC, Snort/Suricata, and Vyatta – a security administrator can build a set of layers that not only detects a scan or attack but also blocks the source of that attack or scan across the board, not just the individual packets. This gives the network the ability to respond to attacks quickly, thoroughly, and without interaction from the administrator.

https://www.buzzsprout.com/8585/82980-iamthemcmaster-creating-an-open-source-self-defending-network.mp3