Firewalls provide a barrier for traffic. However, some traffic may look legitimate and may in fact be legitimate, but it might be carrying devious viruses or attack programs.
Although a firewall is sufficient for home use, corporations tend to have more at risk and choose to invest in extra measures to detect traffic patterns that a firewall can’t catch. Intrusion detection provides this ability.
IDSs analyze data in real time to detect, log, and hinder misuse and attacks. Host-based IDSs monitor server operations for any mischievous events. Network-based IDSs monitor network traffic on a specific portion of the network.
Network-based IDSs monitor traffic in real time, looking at a ...