I would counter that by saying that "$32,500 a year"
isn't a lot of money. That's less than half the cost of
one, fairly junior, employee.
Furthermore, you say that you work for a
miltary office that, I surmise, handles data with at least three levels of classification ... the
least of which, I am sure, is (at least) "Confidential." Therefore, information security and intrusion prevention is of
"Mission Critical" importance, and every "higher-up" knows it, as do the affected
commanding officers.
Therefore, you should focus your attention on, first, ensuring that the proposed system really
works, and upon constructing a
business military plan for deploying it.
Always remember that
"computer software is never 'free,'" even when it is "open source."
There is no "F" in the acronym, "FOSS."
"Soldiers won't die" if your office spends money. But they
might die if your systems are penetrated. (In any case, your office's
mission would be compromised.) Therefore, know when to ignore office politics. Your organization has the money, and, if need be, the willingness to spend it.
Your office could spend
one hundred times that amount, or even more, "in the name of information security," if a sufficient case could be built for doing so.
Your task is: "to build that case."
You should recommend, not only what should be purchased, but
exactly how it should be deployed, and what it will
actually cost, per annum, while in service. Future budgets will be drawn-up accordingly.
Don't "duck and run" from office politics. Don't be "penny-wise and pound-foolish." Construct what is, in your
professional opinion, the best thing for the organization to do. Then, sell it to those above you, knowing that part of
their job is to ask questions and to challenge you.
If you take a tour of the US National Cryptologic Museum, which is located at the headquarters of the National Security Agency (NSA), you will see copies of
posters like these, with the additional line:
"The Message Is Still The Same." So ... "choose well."