What is an intrusion detection system (IDS)? A valued capability with serious management challenges
An intrusion detection system, or IDS, monitors traffic moving on networks and through systems to search for suspicious activity and known threats, sending up alerts when it finds such items.
Enterprise IT departments deploy intrusion detection systems to gain visibility into potentially malicious activities happening within their technology environments.
“The overall purpose of an IDS is to inform IT personnel that a network intrusion may be taking place. Alerting information will generally include information about the source address of the intrusion, the target/victim address, and type of attack that is suspected,” said Brian Rexroad, vice president of security platforms for AT&T.