Intrusion Detection System
                     Intrusion Detection System  
 
An Intrusion Detection System is a network security technology originally built for 
detecting vulnerability exploits against a target application or system. The 
intrusion prevention systems extended IDS solutions by adding the ability to block 
threats in addition to detecting them and have become the dominant deployment 
option for IDS or IPS technologies. This article will elaborate on the configuration 
and functions that define the intrusion system deployment. An intrusion 
detection system only needs to detect threats and as such is placed out-of-band 
on the network infrastructure, meaning that it is not in the true real-time 
communication path between the sender and receiver of data. Rather, Intrusion 
solutions will often take advantage of a TAP or SPAN port to analyze a copy of the 
inline traffic flow. Thus ensuring that IDS does not impact inline network 
execution. IDS was developed this way because at the time the depth of analysis 
required for intrusion detection could not be performed at a speed that could 
keep pace with components on the direct communications path of the network 
configuration. As explained, the IDS is also a listen-only tool. The IDS monitors 
traffic and reports its results to an administrator or controller. But it cannot 
automatically take action to prevent a detected exploit from taking over the 
structure. Attackers are capable of exploiting vulnerabilities very quickly once 
they enter the network, rendering the IDS an inadequate deployment for 
prevention tool.