Architecting Intrusion-Detection Solutions: Choose the IDS That's Right for You
Intrusion-Detection Systems (IDSs) have become an increasingly important part of the security strategy of many organizations. An IDS plays a key role in the concept of defense-in-depth, being only one of several deployed countermeasures designed to deter, slow down, and detect an attack before it occurs or before more serious actions occur. Discover the different types of IDSs and what types of attacks each can detect (or not detect), and see issues to consider when planning an IDS deployment. Before getting into any discussion of intrusion detection, it's important to clarify the process of intrusion detection. In the purest sense, intrusion detection is the process of monitoring a network or the hosts on a network for unauthorized activity, such as unusual activity or file modification.