Intrusion Detection System is a system designed for the recognition of attacks against either against the host computer or the network. IDS can complement a firewall or run directly on a monitored computer system to increase network security. NIDS is a network security system focusing on the attacks that come from the inside of the network (authorized users).
There are three types of IDS:
Host-based IDS
Network-based IDS
Hybrid IDS
Some systems may attempt to stop an intrusion attempt but this is
neither required nor expected of a monitoring system. Intrusion
detection and prevention systems (IDPS) are primarily focused on
identifying possible incidents, logging information about them, and
reporting attempts. In addition, organizations use IDPSes for other
purposes, such as identifying problems with security policies,
documenting existing threats and deterring individuals from violating
security policies. IDPSes have become a necessary addition to the
security infrastructure of nearly every organization.
No comments:
Post a Comment