Introduction to IDS IPS: Network intrusion detection system basics

Introduction to IDS IPS: Network intrusion detection system basics

An enterprise has a lot to consider when making the decision to incorporate a network intrusion detection system (IDS) into its network architecture, as well as its security strategy.

This one-page guide, which is a part of the SearchSecurity.com IDS/IPS Security Guide, acts as an introduction to both IDS and network intrusion prevention system (IPS) technology. Here, security professionals will gain some insight on how to determine which IDS/IPS technology is right for their enterprise, and will learn more about the differences between the two technologies.

Table of contents:

How to buy a network intrusion prevention system: Features, testing and review

Security managers have a lot to contemplate in terms of needed features and capabilities when considering deploying a network intrusion prevention system (IPS) in the enterprise.

Here, contributor David Meier discusses how managers can determine which IPS is the best for their enterprises and how to buy an ISP, and offers advice on IPS feature testing and comparison, IPS signature-update functions, and what to do if the IPS fails.

Network intrusion detection vs. IPS: How to know when you need the technology

For many enterprises, one of the most difficult tasks when deploying an IDS or IPS is simply understanding at what point they need the technology, what the differences are between the two technologies, and what functions each system could be used for.

In this tip, which is a part of the SearchSecurity.com Security School lesson, How IDS/IPS enables business objectives, contributor Jennifer Jabbusch offers an IDS vs. IPS comparison, describes the capabilities of each technology, and explains how security managers can determine when their enterprise is ready for an IDS or IPS.

Can a network intrusion detection system, DMZ and honeypot together achieve better security?

Both intrusion detection systems and demilitarized zones (DMZ) play a critical role in the security of enterprises. In this expert response, security professionals will learn how an IDS, DMZ and honeypots can work together to improve network security.

Will host-based network intrusion detection software replace signature IDS?

With the threat of malware targeting applications and browsers on the rise, and as more enterprises encrypt an increasing percentage of overall network traffic, traditional network signature-based intrusion detection and prevention systems are becoming less effective.

Considering the decline in the relevance of signature-based IDS, will host-based intrusion detection software be the only option for an enterprise? Contributor Anand Sastry explains in this expert response.