Learn about Intrusion Detection Systems

Network-Based IDS (NIDS)

"NIDS can *see* anything traveling over the network."

  Why is IDS Needed?
  Intrusion Overview
  What is IDS?
  Desirable Features
  Anomaly-Based
  Misuse-Based
  Host-Based
  Network-Based
  Current IDS Limitations
  IDS Implementations
  Room to Improve
  Using AI in IDS
A network-based intrusion detection system uses a firewall approach to examine the network traffic (packets) at the router or host level for intrusive activity.

That is, the network-based intrusion detection system (or NIDS) scans any traffic that is transmitted over the segment of the network and only permits through the packets that are not identified as intrusive.

With the explosive growth of networking and data sharing, NIDS have become the most popular form of Intrusion Detection.

The need to scan the voluminous amounts of network activity and successfully recognize and tag network-wide intrusive behavior is well received within the security industry.

Benefits to NIDS Implementations:

- Relatively easy deployment - NIDS are installed per network segment. Deployment to 50 servers may only require 1 network-based intrusion detection system installation. 

- A NIDS can be configured to be invisible to the attacker.

- Can view intrusive activity that is targeting several hosts.

- Provides greater detail into the nature of network traffic.

- NIDS can interact with firewall technologies to dynamically block recognized intrusion behavior.

IDStutorial.com, Copyright © 2007 - 2010 All Rights Reserved. Copying content from this website is strictly not allowed and will be pursued by legal channels when found. The information on this site is the opinions of the author, it is not guaranteed to be correct, and is to be used for information purposes only.