I'm trying to improve my local network security with my first white boxes pen-test setup and I was wondering if there are any realistic network security setups that can be implemented for a local network without hardware IDS/IPS? As I've observed with pen-testing TLS/CA don't seem so secure, and...