Intrusion detection system Vs intrusion Prevention system system

Intrusion detection system vs intrusion Prevention system system

An intrusion detection system (IDS) is a security technology designed to monitor and analyze network traffic for signs of malicious activity or policy violations. The primary function of an IDS is to identify and alert security personnel when unauthorized access or malicious activity is detected on a network.

There are two main types of IDS:

Network-based IDS (NIDS): NIDS monitors network traffic and analyzes packets for suspicious activity. It can be deployed at strategic points in a network, such as at the perimeter or between network segments.

Host-based IDS (HIDS): HIDS is installed on individual hosts and monitors activity on the host itself. It can detect attacks that are not visible on the network, such as insider attacks or local privilege escalation.