By now we've all heard about Heartbleed.
Bottom line is that the vulnerability has existed for years, and there is no way of knowing if your company was totally exposed in the past, or not.
We do not currently have an IDS.
Our routers are all Cisco - but my experience with Cisco has been that anything beyond basic routing and switching is inordinately expensive.
Our topology is hub and spoke, using ipsec tunnels for internal traffic and management.
Leaf nodes have their own internet connections.
Home running the internet connections back to HQ would be cost prohibitive - our leaf nodes have heavy internet traffic.
What are my best options for an IDS system that won't break the bank (free is cool - but supported at a reasonable cost is better) or require more than minimal linux skills?
Does adding IPS in addition to IDS ratchet the cost complexity way up?
I've considered Snort - but now I see that Cisco has gobbled them up, so I expect that path to either become expensive, or unwieldy, or more likely - both.