What is an Intrusion Detection System (IDS)?

Intrusion Detection System (IDS)

An Intrusion Detection System (IDS) is a network security technology that monitors traffic for suspicious activity or known threats and alerts administrators if it detects a potential intrusion.

IDS can be network-based (NIDS), analysing traffic on the network, or host-based (HIDS), monitoring activity on individual devices. IDS can be either signature-based, detecting known threats through predefined signatures, or anomaly-based, detecting unusual patterns of behaviour that may indicate an attack.

Unlike an Intrusion Prevention System (IPS), an IDS does not block traffic but merely monitors and reports.