We have a client web application running in Azure Kubernetes. There was an optional requirement to implement IPS for the application. It was considered optional, because the application that we are using is not of a complex network architecture. And apart from that we have Cloudflare in place which we think might do the work to protect the web application.
We tried to to contact a couple of vendors for the same and somehow they weren't responding to our emails. The major factors in this scenario are the cost and implementation difficulties for us.
We look forward to intrusion prevention in network level. We are out of UK and US so there is no GDPR, and specifically there are no strict compliance standard to follow. We wouldn't require an SIEM module since it is a lite application.
So, basically I have the below queries in general.
What is the cost range of a typical IPS solution. Let's say, in our case it's just a medium sized web application hosted in Kubernetes under Azure. How much does an IPS cost for this? I don't want an exact figure, because I know it depends on various factors. A broad range is fine.
What is the implementation complexity? We had security in place from around 70% of the total completion of the project and the last sprint is dedicated for security. We have a 2 member devops team in place. Both doesn't have previous experience in IPS implementation. But they have experience in implementing organization level firewall and web application firewall such as Cloudflare(just to mention where our knowldge stands on IPS implementation). Can this be setup without much hassle? For example within a week of time for this small infrastructure?
We are into our final sprint and don't have too much time to spend. So we need to get into a decision between security-cost-time.