The Role of Intrusion Detection Systems

An intrusion detection system (IDS) is an application or device used to gather and analyzev information that passes across a network or host. An IDS is designed to analyze, identify, and report on any violations or misuse of a network or host.

Let’s take a close look at how an IDS works. An IDS is used to monitor and protect networks by detecting malicious activity and reporting it to a network administrator. Once activities of this type are detected, an administrator is alerted.

Here are some things to keep in mind as we go forward. An IDS:

  • Is designed to detect malicious or nonstandard behavior
  •  Gathers information from within a network to detect violations of security policy
  •  Reports violations and deviations to an administrator or system owner