Intrusion detection really isn't about firewalls at all. It is an additional security device that you can use to understand what is happening on your network.
While signature-based detection is a form of intrusion detection, true intrusion detection can go further. Essentially, with an intrusion detection system (IDS), you configure rules to look for certain types of traffic, and then define the actions to take when that traffic is detected. An IDS looks at all traffic that passes by it, regardless of whether you want to permit this traffic or not. It will not block traffic; it merely compares the contents of packets to the patterns you have configured. If the IDS finds a match, it will alert you according to the procedures you have defined. You will still need a firewall to block any unwanted packets.
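The rule-then-alert behaviour described above, as an added example that is not part of the original text: a passive matcher in Python whose rule names, patterns, actions and sample packets are all constructed for illustration. It goes slightly beyond the text by matching on protocol and destination port as well as payload content.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    payload: bytes

@dataclass(frozen=True)
class Rule:
    name: str
    proto: str
    dport: Optional[int]  # None = any destination port
    pattern: bytes        # content to look for in the payload
    action: str           # procedure to follow on a match

    def matches(self, pkt: Packet) -> bool:
        return (pkt.proto == self.proto
                and self.dport in (None, pkt.dport)
                and self.pattern.lower() in pkt.payload.lower())

# Hypothetical rules; names, patterns and actions are assumptions.
RULES = [
    Rule("passwd-file-request", "tcp", 80, b"/etc/passwd", "page-admin"),
    Rule("telnet-root-login", "tcp", 23, b"login: root", "log-only"),
]

# Constructed sample traffic (documentation address ranges), not a capture.
PACKETS = [
    Packet("203.0.113.7", "192.0.2.10", "tcp", 80, b"GET /index.html HTTP/1.0\r\n\r\n"),
    Packet("203.0.113.9", "192.0.2.10", "tcp", 80, b"GET /../../etc/passwd HTTP/1.0\r\n\r\n"),
    Packet("198.51.100.4", "192.0.2.20", "tcp", 23, b"login: root\r\n"),
    Packet("198.51.100.4", "192.0.2.20", "udp", 53, b"\x12\x34\x01\x00"),
]

def inspect(packets, rules):
    """Compare every packet to every rule. Returns (alerts, passed)."""
    alerts, passed = [], []
    for pkt in packets:
        for rule in rules:
            if rule.matches(pkt):
                alerts.append((rule.action, rule.name, pkt.src, pkt.dst))
        passed.append(pkt)  # passive: a match raises an alert, nothing is dropped
    return alerts, passed

if __name__ == "__main__":
    alerts, passed = inspect(PACKETS, RULES)
    for action, name, src, dst in alerts:
        print(f"[{action}] {name}: {src} -> {dst}")
    print(f"{len(passed)} of {len(PACKETS)} packets passed through")
```

All four packets come back in `passed`, including the two that raised alerts, which is why a firewall is still needed to block them.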