An intrusion detection system (IDS) is a device or software application that monitors network or system activities for hateful activities or policy violations and produces reports to a management station. Some systems may attempt to stop an infringement attempt.
- An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies doubtful patterns.
- Intrusion detection (ID) is a type of security management system for computers and networks.
- ID uses vulnerability evaluation (sometimes referred to as scanning), which is a technology developed to assess the security of a computer system or network.
- Itís an active process to analyze the system and network access for unlawful entry / malicious activity.
- It can also monitor network activity, audit network and system configurations for vulnerabilities, analyze data integrity, and more.
- Depending on the discovery methods you choose to deploy, there are several direct and incidental benefits for using IDS.
There are three main types of Intrusion Detection systems and they are,
- Network intrusion detection system (NIDS).
- Host-based intrusion detection system (HIDS).
- Stack-based intrusion detection system (SIDS).
- Monitors the action of firewalls, routers, key management servers and files that are critical to other security mechanisms.
- Allows manager to tune, organize and comprehend often incomprehensible operating system audit trails and other logs.
- Has no impact on the systems or networks it is monitoring.
- Doesnít add any load to the hosts.
- Provides flexibility and adaptability.
Real Time Examples
Since intrusion detection is very crucial and is always needed for both public and private sectors, itís been employed everywhere to take guard of the network itís obliged to.
- Used alongside Firewalls.
- Comes as a sub-ordinate with many anti-virus packages.
- Integrated with browsers for secure browsing and downloading.
- Used in LANís and similar networks.