Software vendors are going to kill me for saying this, but you don't have to break the bank with software costs. There are FREE alternatives. Vendors may debate over which are better. But that decision has to be made on a per software basis and per use-case.
As long as you have good support, Open Source software can be as good, even better.
The code in most cases is well developed and audited by the open source community. I can see many medium tier organizations run these enterprise open source software and save a lot of money in product fees. They will still have to pay for implementation and support costs, but that will be there with all software anyways.
Here's a list I compiled of enterprise level security/network tools an organization can benefit from. By no means is this list exhaustive, a comparison or in any order of priority.
|Function||Free / Open Source||Paid|
|LAN Monitoring Tool
Network Monitoring (NMS)
NtopNG (nTop Probe for netflow has a cost)
PRTG (100 Sensors free)
Cisco Prime Infrastructure
|NAC (Network Access Control)||PacketFence||Cisco ISE
|Firewall||pfSense||Cisco ASA, Palo Alto, SonicWall|
|IPS / IDS||pfSense
|Cisco FirePower / Meraki
|Microsoft Active Directory (AD)|
|Client VPN||Vyatta||Cisco AnyConnect|
SquidGuard (on pfSense)
|SIEM (Security Incidence & Event Management)||AlienVault OSSIM||AlienVault USM, Splunk, LogRhythm Enterprise/XM, Alert Logic, Trustwave, HPE, FireEye, ArcSight, many others...|
|Vulnerability Assessment/Scanners||OpenVAS (GreenBone)
|Multi-Factor Authentication||LinOTP, OpenOTP
|Certificate Authority||Let's Encrypt||GoDaddy, VeriSign, Thawte|
|Load Balancers||Seesaw (by google)||F5, Barracuda
AWS, Cloudflare, Google Cloud, Azure
|Log Servers||ELK Stack (Elastic Search, Logstash, Kibana) [pre-built VM]
PaperTrail ( by SolarWinds)
|Disk Encryption||BitLocker (Windows)
|Symantec, Checkpoint, Dell, Sophos, McAfee, IBM, Trend Micro|
*Not Open Source but free.