Software vendors are going to kill me for saying this, but you don't have to break the bank with software costs. There are FREE alternatives. Vendors may debate over which are better. But that decision has to be made on a per software basis and per use-case.

As long as you have good support, Open Source software can be as good, even better.

The code in most cases is well developed and audited by the open source community. I can see many medium tier organizations run these enterprise open source software and save a lot of money in product fees. They will still have to pay for implementation and support costs, but that will be there with all software anyways.

Here's a list I compiled of enterprise level security/network tools an organization can benefit from. By no means is this list exhaustive, a comparison or in any order of priority.

 

Function Free / Open Source Paid
LAN Monitoring Tool

Network Monitoring (NMS)

NMIS

NtopNG (nTop Probe for netflow has a cost)

OpenNMS

PRTG (100 Sensors free)

LogRhythm NetMon Freemium

SolarWinds

Cisco Prime Infrastructure

ManageEngine

LogRhythm Netmon

NAC (Network Access Control) PacketFence Cisco ISE

HP/Aruba ClearPass

Firewall pfSense Cisco ASA, Palo Alto, SonicWall
IPS / IDS pfSense

SecurityOnion

Cisco FirePower / Meraki

Palo Alto

SonicWall

Identity OpenLDAP

SAMBA

ApacheDS

Microsoft Active Directory (AD)
Client VPN Vyatta Cisco AnyConnect
URL Filtering OpenDNS/Umbrella

SquidGuard (on pfSense)

Untangle

Cisco OpenDNS/Umbrella

Websense

Barracuda

SonicWall

Watch Guard

Blue Coat

Sophos

SIEM (Security Incidence & Event Management) AlienVault OSSIM AlienVault USM, Splunk, LogRhythm Enterprise/XM, Alert Logic, Trustwave, HPE, FireEye, ArcSight, many others...
Vulnerability Assessment/Scanners OpenVAS (GreenBone)

AlienVault OSSIM

Retina

Maltego

Qualys

Nessus

Rapid7: nexposeinsightVM

Multi-Factor Authentication LinOTP, OpenOTP

Duo (sms)

Authy

Google Authenticator*

LastPass Authenticator

RSA

Microsoft

Gemalto

OKTA

Certificate Authority Let's Encrypt GoDaddy, VeriSign, Thawte
Load Balancers  Seesaw (by google)

KEMP

HAProxy

GoBetween

F5, Barracuda

AWS, Cloudflare, Google Cloud, Azure

Log Servers ELK Stack (Elastic Search, Logstash, Kibana) [pre-built VM]

SysLog-NG

GrayLog

LogRhythm Netmon Freemium

Splunk

PaperTrail ( by SolarWinds)

LogRhythm Netmon

Phising Simulation goPhish KnowBe4

insightPhish

 Disk Encryption BitLocker (Windows)

FileVault (Mac)

VeraCrypt (Win/Mac/Linux)

Symantec, Checkpoint, Dell, Sophos, McAfee,  IBM, Trend Micro

*Not Open Source but free.