Intrusion Detection System

Intrusion detection system (IDS). Program used to detect unauthorized access to a computer or network. These accesses can be attacks by skilled hackers, or Script Kiddies that use automatic tools.

The IDS usually has virtual sensors (for example, a network sniffer) with which the IDS core can obtain external data (usually on network traffic). The IDS detects, thanks to these sensors, anomalies that may indicate the presence of attacks or false alarms.

Intrusion Detection System

Types of intrusion detection systems used by UTMVAULT®.

HIDS (HostIDS): (Network intrusion detection system), which guarantees security within the network, the operating principle of a HIDS, depends on the success of the intruders, who generally leave traces of their activities on the attacked team , when they try to take over it, with the purpose of carrying out other activities. The HIDS tries to detect such modifications in the affected team, and make a report of its conclusions.

NIDS (NetworkIDS): (Host intrusion detection system), which guarantees security on the host, a network-based IDS, detecting attacks on the entire network segment. Its [[interface must work in promiscuous mode thus capturing all network traffic.