Threat management continues to be a top priority, it is more important than ever for cash-strapped businesses to fully understand the functionality of intrusion detection systems to ensure they buy the right solution.
Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS) are a particularly confusing area because the products are so similar, the vendors are all the same, and even the acronyms are hard to tell apart.
What is an IDS?
An IDS is a visibility tool. Intrusion Detection Systems sit off to the side of the network, monitoring traffic at many different points, and provide visibility into the security posture of the network. A good analogy is to compare an IDS with a sewer inspector. A sewer inspector looks deep into the sewers see what is happening, in sometimes excruciating detail. An IDS is a “protocol analyzer” for the security engineer. The IDS looks deep into the computer network and can sees what is happening from the security point of view in near real time.
In the hands of a competent and well trained security analyst, the IDS becomes a window into the network. The information provided by the IDS will help the security and network management teams uncover:
“Increased visibility into the security posture of the network is what characterises an IDS, but for the majority of companies they do not have a team to monitor the IDS and so the visibility gained is completely wasted.”
This is where we come in….. read more