Monday, March 2, 2020

Why is an intrusion detection system important?

With each passing day, new techniques to compromise computing environments are created, and it is a great challenge for the information security market to keep up with this speed, and even be ahead to not act reactively. Brazil, for example, is the country that suffers the most from ransomware attacks in Latin America, with 55% of the total.

Therefore, the implementation of a good IDS policy is essential in a security architecture. This resource, if constantly updated, is able to keep the infrastructure away from opportunistic attacks, whether from a network perspective, that is, by the very compromise of a computer.

Combining so many network and host- based intrusion detection and prevention systems is essential for good security health. None of the models presented is necessarily exclusive. On the contrary, they must be treated as complementary according to the need and criticality of protection required by a business.

What are the types of IDS?
Intrusion detection systems can be categorized into four groups, depending on the type of event they monitor and the way they are deployed.


  • Machine and network based IDS
  • Network Based

This type of IDS monitors network traffic on a segment or device, and analyzes the network and protocol activity to identify suspicious behavior. It is also capable of detecting numerous types of events of interest, and is generally deployed in a security topology as a border between two networks, through which traffic is funneled. Because of this, in many cases, the IDS feature itself ends up being integrated directly into the firewall .


Read More:  intrusion prevention system

1 comment: