Home > Articles > Cisco Network Technology > General Networking > Intrusion Detection Systems

Intrusion Detection Systems

Article Description

Protecting your computer network against attack is vital, especially in the highly connected network environment that we live in. One way to monitor your network for intrusive activity is through the installation of an Intrusion Detection System (IDS), which is discussed in this article by Earl Carter.

Summary

You use an IDS to monitor your network for signs of intrusive activity. An IDS triggers alarms when it detects intrusive activity. The triggering mechanism is probably based on one of the following two techniques:

  • Anomaly detection
  • Misuse detection

To implement its triggering mechanism, your IDS needs to monitor your network for intrusive activity at specific points in your network. The two common monitoring locations are as follows:

  • Host-based
  • Network-based

Because each of these characteristics has benefits and drawbacks, many intrusion detection systems are beginning to incorporate multiple characteristics into hybrid IDSs. These systems attempt to maximize the capability of the IDS while minimizing their drawbacks.