Software vendors are going to kill me for saying this, but you don't have to break the bank with software costs. There are FREE alternatives. Vendors may debate over which are better. But that decision has to be made on a per software basis and per use-case.

As long as you have good support, Open Source software can be as good, even better.

The code in most cases is well developed and audited by the open source community. I can see many medium tier organizations run these enterprise open source software and save a lot of money in product fees. They will still have to pay for implementation and support costs, but that will be there with all software anyways.

Here's a list I compiled of enterprise level security/network tools an organization can benefit from. By no means is this list exhaustive, a comparison or in any order of priority.

 

Function Free / Open Source Paid
LAN Monitoring Tool
Network Monitoring (NMS)
NMIS
NtopNG (nTop Probe for netflow has a cost)
OpenNMS
PRTG (100 Sensors free)
LogRhythm NetMon Freemium
SolarWinds
Cisco Prime Infrastructure
ManageEngineLogRhythm Netmon
NAC (Network Access Control) PacketFence Cisco ISE
HP/Aruba ClearPass
Firewall pfSense Cisco ASA, Palo Alto, SonicWall
IPS / IDS pfSense

SecurityOnion

Cisco FirePower / Meraki
Palo Alto
SonicWall
Identity OpenLDAP
SAMBA
ApacheDS
JumpCloud (10 free users)
Microsoft Active Directory (AD)
Client VPN Vyatta Cisco AnyConnect
URL Filtering OpenDNS/Umbrella

SquidGuard (on pfSense)

Untangle

Cisco OpenDNS/Umbrella
Websense
Barracuda
SonicWall
Watch Guard
Blue Coat
Sophos
SIEM (Security Information & Event Management) AlienVault OSSIM AlienVault USM, Splunk, LogRhythm Enterprise/XM, Alert Logic, Trustwave, HPE, FireEye, ArcSight, many others...
Vulnerability Assessment/Scanners OpenVAS (GreenBone)
AlienVault OSSIM
Retina
Maltego
Qualys
Nessus
Rapid7: nexposeinsightVM
Multi-Factor Authentication LinOTP, OpenOTP
Duo (Free 10 users)
Authy
Google Authenticator*
LastPass Authenticator
RSA
Microsoft
Gemalto
OKTA
Certificate Authority Let's Encrypt GoDaddy, VeriSign, Thawte
Load Balancers Seesaw (by google)
KEMP
HAProxy
GoBetween
F5, Barracuda
AWS, Cloudflare, Google Cloud, Azure
Log Servers ELK Stack (Elastic Search, Logstash, Kibana) [pre-built VM]
SysLog-NG
GrayLog
LogRhythm Netmon Freemium
Splunk
PaperTrail ( by SolarWinds)
LogRhythm Netmon
Phising Simulation goPhish KnowBe4
insightPhish
 Disk Encryption BitLocker (Windows)
FileVault (Mac)
VeraCrypt (Win/Mac/Linux)
Symantec, Checkpoint, Dell, Sophos, McAfee,  IBM, Trend Micro, many others

*Not Open Source but free.