Intrusion detection systems monitor system and network resources to detect unusual activity or changes. There are two types of intrusion detection systems: host and network based. A network based IDS is placed on the network near the system or systems being monitored and analyzes network traffic for attack patterns and suspicious behavior. A host based IDS resides on the system being monitored and tracks changes made to important files and directories. While both are part of a good defense-in-depth strategy to prevent attackers from being able to enter networks and alter or compromise critical information, only a host based intrusion detection system with a well written policy will provide a strong foundation to good system security.
Did you find this white paper useful?
29 out of 50 users found this white paper useful
Related white papers
Engineering e-Business Applications for Security
Without on-demand security there's no on-demand business. Today e-business applications provide critical links among businesses, customers and partners. Any vulnerability translates quickly into loss of revenue, confidence and trust. Traditionally,...
Take the Sophos Threat Detection Test: Is your current anti-virus catching everything it should?
Use the Sophos Threat Detection Test to quickly perform a scan and find any viruses, spyware, adware or zero-day threats that might have by-passed your existing protection. The test can...
Trojan Defence: A Forensic View
The Trojan defence; “I didn’t do it, someone else did”– myth or reality? This two part article investigates the fascinating area of Trojan & network forensics and puts forward...
Gartner Report: Understanding the Nine Protection Styles of Host-Based Intrusion Prevention
This report by Neil MacDonald takes a look at the technologies available today for intrusion prevention. "The time for a more complete approach to host-based intrusion prevention is here. Traditional...
Security Intelligence
Help protect and defend IT assets with IBM security intelligence. But without credible threat analysis and security intelligence, your infrastructure has little-to-no defense against threats and attacks. IBM Managed Security Services...
The Science of Intrusion Detection System: Attack Identification
Among the many vendors of intrusion detection systems (IDS), there is marked variation on what constitutes a network intrusion. This has led to many confusing claims by vendors in the...
Top 5 Instant Messaging Security Risks for 2006
With instant messaging (IM) traffic on pace to exceed e-mail traffic by the end of 2006, you can expect cyber-criminals to orchestrate IM attacks on a larger scale than ever...
