Guarding against network intrusions requires the monitoring of network traffic for particular network segments or devices and analysis of network, transport, and application protocols to identify suspicious activity. This chapter provides a detailed discussion of network-based intrusion protection technologies. It contains a brief overview of the major components of network-based intrusion protection systems and explains the architectures typically used for deploying the components. It also examines the security capabilities of the technologies in depth, including the methodologies they use to identify suspicious activity. ...